- Type: Bug
- Resolution: Not an Issue
- Priority: P3
- Affects Version/s: 8u172
- Component/s: security-libs
The submitter is looking for input on validating intermediate SSL certificates in Java. Here is a summary of their use case and the issue:
- A request is sent from the Fusion application to a remote server over SSL.
- The SSL certificate of the remote server is signed/issued by an intermediate certificate, which is not present in the default JDK truststore.
- The intermediate certificate is signed/issued by a root certificate, which is present in the default JDK truststore.
- In the past, they used to import the intermediate certificates into the JDK truststore and this worked fine.
- This import action is no longer possible, though.
The submitter came across a blog post and the related Java documentation that seem to suggest Java can automatically retrieve the intermediate certificate through the "Authority Information Access (AIA)" extension. According to the blog, this is disabled by default and can be enabled through the system property "com.sun.security.enableAIAcaIssuers" by setting it to "true".
This approach doesn't seem to work for the submitter.
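A way to reproduce the check outside the application, as an added example that is not from the bug report or the JDK: the program below builds a PKIX path from a leaf certificate to the default JDK truststore, first with only the leaf and then with the intermediate supplied explicitly, the way a server would send it in the TLS handshake. The certificate file paths on the command line are assumptions; run it with -Dcom.sun.security.enableAIAcaIssuers=true to see whether AIA fetching changes the leaf-only result (the property is read once when the PKIX provider classes load, so it belongs on the command line rather than in code).

```java
import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.cert.*;
import java.util.*;

public class IntermediateChainCheck {
    // Reads every certificate in a PEM or DER file; the path is supplied by the caller.
    static List<X509Certificate> loadCerts(String path) throws Exception {
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        List<X509Certificate> certs = new ArrayList<>();
        try (FileInputStream in = new FileInputStream(path)) {
            for (Certificate c : cf.generateCertificates(in)) certs.add((X509Certificate) c);
        }
        return certs;
    }
    // The JDK's default truststore (lib/security/cacerts under java.home) supplies the trust anchors.
    static KeyStore defaultTrustStore() throws Exception {
        KeyStore ts = KeyStore.getInstance(KeyStore.getDefaultType());
        try (FileInputStream in = new FileInputStream(System.getProperty("java.home") + "/lib/security/cacerts")) {
            ts.load(in, null); // null password: read without an integrity check
        }
        return ts;
    }
    // True if PKIX path building reaches a trust anchor. 'untrusted' stands in for the intermediates a
    // server sends in the handshake; with an empty list only the truststore or AIA fetching can supply one.
    static boolean chains(X509Certificate leaf, List<X509Certificate> untrusted) throws Exception {
        X509CertSelector target = new X509CertSelector();
        target.setCertificate(leaf);
        PKIXBuilderParameters params = new PKIXBuilderParameters(defaultTrustStore(), target);
        params.setRevocationEnabled(false); // off so the example runs offline; leave it on in production
        List<Certificate> pool = new ArrayList<Certificate>(untrusted);
        pool.add(leaf);
        params.addCertStore(CertStore.getInstance("Collection", new CollectionCertStoreParameters(pool)));
        try {
            CertPathBuilder.getInstance("PKIX").build(params);
            return true;
        } catch (CertPathBuilderException e) {
            System.out.println("  path building failed: " + e.getMessage());
            return false;
        }
    }
    public static void main(String[] args) throws Exception {
        X509Certificate leaf = loadCerts(args[0]).get(0); // args[0]: server (leaf) certificate file
        List<X509Certificate> intermediates = args.length > 1 ? loadCerts(args[1]) : new ArrayList<X509Certificate>();
        System.out.println("AIA caIssuers fetching enabled: " + Boolean.getBoolean("com.sun.security.enableAIAcaIssuers"));
        System.out.println("leaf only validates: " + chains(leaf, new ArrayList<X509Certificate>()));
        System.out.println("leaf + supplied intermediate validates: " + chains(leaf, intermediates));
    }
}
```

If the leaf-only run fails while the run with the intermediate succeeds, the chain itself is sound and the remote server should be sending the intermediate in its TLS certificate chain; AIA fetching is only a fallback, and it also needs outbound HTTP access from the JVM to the caIssuers URL named in the leaf certificate.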