This week's book giveaway is in the Kotlin forum.
We're giving away four copies of Kotlin for Android App Development and have Peter Sommerhoff on-line!
See this thread for details.
Win a copy of Kotlin for Android App Development this week in the Kotlin forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Liutauras Vilda
  • Devaka Cooray
  • Jeanne Boyarsky
  • Bear Bibeault
Sheriffs:
  • Junilu Lacar
  • Paul Clapham
  • Knute Snortum
Saloon Keepers:
  • Ron McLeod
  • Tim Moores
  • Stephan van Hulst
  • salvin francis
  • Carey Brown
Bartenders:
  • Tim Holloway
  • Frits Walraven
  • Ganesh Patekar

Default keystore(s) used for HTTPS?  RSS feed

 
Greenhorn
Posts: 2
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I'm trying to do a get over https to one of our servers. It works from a browser, but not from my Java code (running on Java version 1.5.0), where I get the exception:

sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

(I can connect to other urls using https.)

As I understand it, the error is occurring because I don't have a certificate from the CA that signed the server certificate. So I've exported the CA root certificate from Internet Explorer and imported it into the keystore of my jre using keytool.

However, I still get the same exception and I'm wondering if the SSL library and I are using the same keystore.

The keystore I imported the certificate into is lib\security\cacerts relative to the jre path from the java.home property.

Whether I set javax.net.ssl.trustStore and javax.net.ssl.trustStorePassword or not makes no difference. I understand there is search algorithm that uses the javax.net.ssl.trustStore property but will ultimately use lib\security\cacerts.

Can anyone see any mistakes in my reasoning or alternatives I could try? I guess I could put the CA certificate in a separate keystore and specify that via javax.net.ssl.trustStore...

My actual code is just this:



Thanks,

David
 
Ranch Hand
Posts: 257
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Did you find a solution? I've got this exact same issue. I'm using a Mac.
 
All of the world's problems can be solved in a garden - Geoff Lawton. Tiny ad:
RavenDB is an Open Source NoSQL Database that’s fully transactional (ACID) across your database
https://coderanch.com/t/704633/RavenDB-Open-Source-NoSQL-Database
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!