It is theoretically possible, but IMO highly unlikely, that Java has a corrupt CA cert. It is more likely that the CA cert you want is not in the JRE's cacerts store. You can check on the contents of the store (on Linux at least) using 'keytool'; e.g.
keytool -list -keystore /usr/java/jdk1.6.0_14/jre/lib/security/cacerts
Scan through that listing to see if you can see the fingerprint for the CAcert that your URL requires.
Reference: the JDK 6.0 JDK Development Tools / Security Tools page/section.
Stephen C
2009-07-30 02:01:53