unable to find valid certification path to requested target PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException
Question
I have create a custom keystore file xyz.jsk, When I tried to using this file I am getting exception
org.springframework.web.client.ResourceAccessException: I/O error on POST request for : sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target; nested exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
String keyStorePassword = "NEWPASSWORD";
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
ClassLoader classLoader = getClass().getClassLoader();
// File file = new
File(classLoader.getResource(keyStoreFile).getFile());
File file = new File(dir, "xyz.jks");;
keyStore.load(new FileInputStream(file),
keyStorePassword.toCharArray());
SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(
new SSLContextBuilder()
.loadTrustMaterial(null, new TrustSelfSignedStrategy())
.loadKeyMaterial(keyStore, keyStorePassword.toCharArray())
.build(),
NoopHostnameVerifier.INSTANCE);
HttpClient httpClient = HttpClients.custom().setSSLSocketFactory(socketFactory).build();
HttpComponentsClientHttpRequestFactory httpRequestFactory = new HttpComponentsClientHttpRequestFactory(httpClient);
restTemplate.setRequestFactory(httpRequestFactory);
((HttpComponentsClientHttpRequestFactory) restTemplate.getRequestFactory())
.setConnectTimeout(Integer.parseInt(strTimeOut));
ResponseEntity<String> responseEntity = restTemplate.exchange(urlPath, HttpMethod.POST, entity, clazz);
1 answers
solution1
1 2019-02-13 11:52:40
Programmatic solution for certificate solution
Please look into following imports :-
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import javax.ws.rs.client.Client;
import javax.ws.rs.client.ClientBuilder;
Now the function
ClientConfig clientConfig = getClientConfig();
TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
public X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkClientTrusted(X509Certificate[] certs, String authType) {
}
public void checkServerTrusted(X509Certificate[] certs, String authType) {
}
} };
SSLContext sc = null;
try {
sc = SSLContext.getInstance("TLS");
sc.init(null, trustAllCerts, new SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
} catch (Exception e) {
// do nothing
}
Client client = ClientBuilder.newBuilder().withConfig(clientConfig).sslContext(sc).hostnameVerifier((s1, s2) -> true)
.build();
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.