EDIT : The first version of this question gave the impression that my problem had something to do with Maven. I rephrased to put more focus on the JDK.
I get the sun.security.provider.certpath.SunCertPathBuilderException: PKIX path building failed
when trying to contact any SSL-enabled service using Java. Answers to other relevant questions did not stop the error for me.
The error appears both with any Maven task, such as below...
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-clean-plugin:2.5:clean (default-clean) on project foundation-ddl: Execution default-clean of goal org.apache.maven.plugins:maven-clean-plugin:2.5:clean failed: Plugin org.apache.maven.plugins:maven-clean-plugin:2.5 or one of its dependencies could not be resolved: Failed to collect dependencies at org.apache.maven.plugins:maven-clean-plugin:jar:2.5 -> org.apache.maven:maven-plugin-api:jar:2.0.6: Failed to read artifact descriptor for org.apache.maven:maven-plugin-api:jar:2.0.6: Could not transfer artifact org.apache.maven:maven-plugin-api:pom:2.0.6 from/to example (https://example.com/artifactory/repo/): sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target -> [Help 1]
...Or if I execute a jar that contacts a SSL service
$ java -jar atlassian-bamboo-agent-installer-5.9.7.jar http://...
INFO | jvm 1 | 2016/03/09 10:59:21 | 2016-03-09 10:59:21,381 FATAL [WrapperSimpleAppMain] [AgentBootstrap] Exiting due to fatal exception.
INFO | jvm 1 | 2016/03/09 10:59:21 | javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
INFO | jvm 1 | 2016/03/09 10:59:21 | at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
INFO | jvm 1 | 2016/03/09 10:59:21 | at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949)
INFO | jvm 1 | 2016/03/09 10:59:21 | at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
INFO | jvm 1 | 2016/03/09 10:59:21 | at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)
INFO | jvm 1 | 2016/03/09 10:59:21 | at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1509)
INFO | jvm 1 | 2016/03/09 10:59:21 | at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216)
INFO | jvm 1 | 2016/03/09 10:59:21 | at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979)
INFO | jvm 1 | 2016/03/09 10:59:21 | at sun.security.ssl.Handshaker.process_record(Handshaker.java:914)
INFO | jvm 1 | 2016/03/09 10:59:21 | at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062)
INFO | jvm 1 | 2016/03/09 10:59:21 | at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
INFO | jvm 1 | 2016/03/09 10:59:21 | at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
INFO | jvm 1 | 2016/03/09 10:59:21 | at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
INFO | jvm 1 | 2016/03/09 10:59:21 | at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:535)
INFO | jvm 1 | 2016/03/09 10:59:21 | at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:403)
INFO | jvm 1 | 2016/03/09 10:59:21 | at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:177)
INFO | jvm 1 | 2016/03/09 10:59:21 | at org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:304)
INFO | jvm 1 | 2016/03/09 10:59:21 | at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:611)
INFO | jvm 1 | 2016/03/09 10:59:21 | at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:446)
INFO | jvm 1 | 2016/03/09 10:59:21 | at org.apache.http.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:863)
INFO | jvm 1 | 2016/03/09 10:59:21 | at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
INFO | jvm 1 | 2016/03/09 10:59:21 | at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:106)
INFO | jvm 1 | 2016/03/09 10:59:21 | at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:57)
INFO | jvm 1 | 2016/03/09 10:59:21 | at com.atlassian.bamboo.agent.bootstrap.AgentContext.initFingerprint(AgentContext.java:118)
INFO | jvm 1 | 2016/03/09 10:59:21 | at com.atlassian.bamboo.agent.bootstrap.AgentContext.initServerSession(AgentContext.java:103)
INFO | jvm 1 | 2016/03/09 10:59:21 | at com.atlassian.bamboo.agent.bootstrap.AgentContext.run(AgentContext.java:94)
INFO | jvm 1 | 2016/03/09 10:59:21 | at com.atlassian.bamboo.agent.bootstrap.AgentBootstrap.run(AgentBootstrap.java:95)
INFO | jvm 1 | 2016/03/09 10:59:21 | at com.atlassian.bamboo.agent.bootstrap.AgentBootstrap.main(AgentBootstrap.java:41)
INFO | jvm 1 | 2016/03/09 10:59:21 | at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
INFO | jvm 1 | 2016/03/09 10:59:21 | at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
INFO | jvm 1 | 2016/03/09 10:59:21 | at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
INFO | jvm 1 | 2016/03/09 10:59:21 | at java.lang.reflect.Method.invoke(Method.java:498)
INFO | jvm 1 | 2016/03/09 10:59:21 | at org.tanukisoftware.wrapper.WrapperSimpleApp.run(WrapperSimpleApp.java:240)
INFO | jvm 1 | 2016/03/09 10:59:21 | at java.lang.Thread.run(Thread.java:745)
INFO | jvm 1 | 2016/03/09 10:59:21 | Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
No errors, certificate is already trusted
, but that didn't stop the error.The well-known ways to fix this issue don't seem to work. How can I stop the error, fix my JDK and finally use SSL-enabled services again?
After futile investigation I ended up purging and reinstalling the JDK, which resolved the issue. The version of the JDK did not change. For those of you reaching this page for this issue via Google, just do that and save yourself the dread.
You should check JDK version you are using and install the Intermediate certificates as well as CAs (if it is self signed or internal signed ) into the JDK which maven is using. I think that resolve the problem.
removing ~/.m2/repository should not be the reason. make sure the has not changed the Certificate Recently.
You could even use the following maven options to locate your trust store and keystore.
MAVEN_OPTS="-Xmx512m -Djavax.net.ssl.trustStore=trust.jks \
-Djavax.net.ssl.trustStorePassword= \
-Djavax.net.ssl.keyStore=/home/directory/mycertificate.p12 \
-Djavax.net.ssl.keyStoreType=pkcs12 \
-Djavax.net.ssl.keyStorePassword=XXXXXX"
Please refer to below URL it's good guide for Maven SSL configuration
https://maven.apache.org/guides/mini/guide-repository-ssl.html
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.