I have a webservice that needs a client certificate which I load at runtime using the following:
System.setProperty("javax.net.ssl.keyStore", keystore.getAbsolutePath());
System.setProperty("javax.net.ssl.keyStorePassword", "password");
System.setProperty("javax.net.ssl.keyStoreType", "jks");
System.setProperty("javax.net.ssl.trustStore", cafile.getAbsolutePath());
System.setProperty("javax.net.ssl.trustStorePassword", "password");
However, now my other webservice which connects via regular https (without any client certificate) is broken:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Is there a way I can load the certificates at runtime without breaking the existing https webservice?
i tried this long back for similar problem, and was working.
System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
Security.addProvider (new com.sun.net.ssl.internal.ssl.Provider());
System.setProperty("https.protocols", "SSLv3,TLSv1");
System.setProperty("javax.net.ssl.trustStore", "");
System.setProperty("javax.net.ssl.trustStorePassword", "");
System.setProperty("javax.net.ssl.trustStoreType", "");
Security.ssl.allowUnsafeRenegotiation", "true");
System.setProperty("javax.net.ssl.keyStore", "");
System.setProperty("javax.net.ssl.keyStorePassword", "");
System.setProperty("javax.net.ssl.keyStoreType", "");
System.setProperty("sun.security.ssl.allowUnsafeRenegotiation", "true");
Also the same can be achieved by configuring the trustore
and keystore
in the application server you are using.
Issue is with certificates not getting imported correctly. I hope below links will help you out.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.