Certs are the root of all evil

I know it shouldn’t be this hard… any help would be appreciated.

We have IS server A as the SSL server
We have IS server B acting as the client who will invoke a service on Server A via https

Server A has been setup with SSL port 5556 to “request client certs”.
We have installed real Verisign certificates on Server A.
Server A has a valid, non-expired CA cert.

Server B attempts to invoke the service on Server A and gets the error “java.io.IOException: iaik.security.ssl.SSLException: Server certificate rejected by ChainVerifier”

I have added the valid CA Cert to both servers in a trusted directory and refreshed the cache.

We continue to get the “… rejected by ChainVerifier” error.

I know I am missing something, just do not know what.

It looks like server B is not liking the certs presented by server A.

make sure all (Root & intermediate) the CA certs of Server A are correctly placed in the trusted CA certs store of Server B.