Java SSLSocket: PKIX path building failed
Question
I want to connect to our university server using a SSL connection.
I have in a configuration folder the following files:
- client.policy
- uni_keystore.jks
- uni_server.cer
- uni_truststore.jks
client.policy file contains the following:
grant {
permission java.security.AllPermission ;
};
The connection to the server is established, but when i try to read from server i get the exception:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException:
PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException:
unable to find valid certification path to requested target
This is how i connect to the server (i trimmed the try/catch blocks to shorten the code):
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
SSLSocketFactory factory = (SSLSocketFactory)SSLSocketFactory.getDefault();
String configPath = "C:/eclipse/workspace/uniproject/";
Properties systemProps = System.getProperties();
systemProps.put( "javax.net.ssl.trustStore", configPath+"uni_truststore.jks");
systemProps.put( "javax.net.ssl.keyStore", configPath+"uni_keystore.jks");
System.setProperties(systemProps);
s = (SSLSocket) factory.createSocket(UNI_ADDRESS, UNI_PORT);
I'm connecting to the server over my VPN.
And this is how i try to read (i trimmed the try/catch blocks to shorten the code):
InputStream istream = s.getInputStream();
BufferedReader reader = new BufferedReader( new InputStreamReader(istream) );
String data;
do {
// this lines throws exception
data = reader.readLine();
System.out.println(data);
}
while(data != null);
I'm not doing anything about client.policy and uni_server.cer files in the code. Could this be the problem? what am i missing?
Thanks.
2 more things:
- i installed the certification (before this post, i hadn't had)
- i added the line:
systemProps.put( "javax.net.ssl.keyStorePassword", "pass");
1 answers
solution1
3 ACCPTED 2012-11-22 02:22:14
Try re-sequencing your calls like this:
String configPath = "C:/eclipse/workspace/uniproject/";
Properties systemProps = System.getProperties();
systemProps.put( "javax.net.ssl.trustStore", configPath+"uni_truststore.jks");
systemProps.put( "javax.net.ssl.keyStore", configPath+"uni_keystore.jks");
System.setProperties(systemProps);
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
SSLSocketFactory factory = (SSLSocketFactory)SSLSocketFactory.getDefault();
s = (SSLSocket) factory.createSocket(UNI_ADDRESS, UNI_PORT);
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.