Java calls HTTPS service error Unable to find valid certification path to requested target workaround

Source: Internet
Author: User
Tags ssl certificate

Our site to be HTTPS modified, configured on the purchase of SSL certificate, the browser access is normal, but wrote a Java code with httpcomponents call HTTPS rest interface times wrong:


Exception in thread "main" Javax.net.ssl.SSLHandshakeException:sun.security.validator.ValidatorException:PKIX path Building failed:sun.security.provider.certpath.SunCertPathBuilderException:unable to find valid certification path to Requested target

At Sun.security.ssl.Alerts.getSSLException (alerts.java:192)

At Sun.security.ssl.SSLSocketImpl.fatal (sslsocketimpl.java:1904)

At Sun.security.ssl.Handshaker.fatalSE (handshaker.java:279)

At Sun.security.ssl.Handshaker.fatalSE (handshaker.java:273)

At Sun.security.ssl.ClientHandshaker.serverCertificate (clienthandshaker.java:1446)

At Sun.security.ssl.ClientHandshaker.processMessage (clienthandshaker.java:209)

At Sun.security.ssl.Handshaker.processLoop (handshaker.java:901)

At Sun.security.ssl.Handshaker.process_record (handshaker.java:837)

At Sun.security.ssl.SSLSocketImpl.readRecord (sslsocketimpl.java:1023)

At Sun.security.ssl.SSLSocketImpl.performInitialHandshake (sslsocketimpl.java:1332)

At Sun.security.ssl.SSLSocketImpl.startHandshake (sslsocketimpl.java:1359)

At Sun.security.ssl.SSLSocketImpl.startHandshake (sslsocketimpl.java:1343)

At Org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket (sslconnectionsocketfactory.java:394)

At Org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket (sslconnectionsocketfactory.java:353)

At Org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect ( defaulthttpclientconnectionoperator.java:141)

At Org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect (Poolinghttpclientconnectionmanager.java : 353)

At Org.apache.http.impl.execchain.MainClientExec.establishRoute (mainclientexec.java:380)

At Org.apache.http.impl.execchain.MainClientExec.execute (mainclientexec.java:236)

At Org.apache.http.impl.execchain.ProtocolExec.execute (protocolexec.java:184)

At Org.apache.http.impl.execchain.RetryExec.execute (retryexec.java:88)

At Org.apache.http.impl.execchain.RedirectExec.execute (redirectexec.java:110)

At Org.apache.http.impl.client.InternalHttpClient.doExecute (internalhttpclient.java:184)

At Org.apache.http.impl.client.CloseableHttpClient.execute (closeablehttpclient.java:82)

At Org.apache.http.impl.client.CloseableHttpClient.execute (closeablehttpclient.java:107)

At Com.duiba.activity.cmsweb.controller.DappConfigCtrl.main (dappconfigctrl.java:1248)

At Sun.reflect.NativeMethodAccessorImpl.invoke0 (Native Method)

At Sun.reflect.NativeMethodAccessorImpl.invoke (nativemethodaccessorimpl.java:57)

At Sun.reflect.DelegatingMethodAccessorImpl.invoke (delegatingmethodaccessorimpl.java:43)

At Java.lang.reflect.Method.invoke (method.java:606)

At Com.intellij.rt.execution.application.AppMain.main (appmain.java:147)

caused By:sun.security.validator.ValidatorException:PKIX path building failed: Sun.security.provider.certpath.SunCertPathBuilderException:unable to find valid certification path to requested target

At Sun.security.validator.PKIXValidator.doBuild (pkixvalidator.java:385)

At Sun.security.validator.PKIXValidator.engineValidate (pkixvalidator.java:292)

At Sun.security.validator.Validator.validate (validator.java:260)

At Sun.security.ssl.X509TrustManagerImpl.validate (x509trustmanagerimpl.java:326)

At sun.security.ssl.X509TrustManagerImpl.checkTrusted (x509trustmanagerimpl.java:231)

At sun.security.ssl.X509TrustManagerImpl.checkServerTrusted (x509trustmanagerimpl.java:126)

At Sun.security.ssl.ClientHandshaker.serverCertificate (clienthandshaker.java:1428)

... More

caused By:sun.security.provider.certpath.SunCertPathBuilderException:unable to find valid certification path to Requested target

At Sun.security.provider.certpath.SunCertPathBuilder.engineBuild (suncertpathbuilder.java:196)

At Java.security.cert.CertPathBuilder.build (certpathbuilder.java:268)

At Sun.security.validator.PKIXValidator.doBuild (pkixvalidator.java:380)

... More



Online Search a bunch of information, or to put the site certificate in a directory, or to change the code, there is no I want, because it is impossible for other developers to do these things.

Later learned about the certificate chain, only to know how to solve the problem. The certificate chain can be read here: http://blog.sina.com.cn/s/blog_53ed87c10102vn8b.html

This problem arises because we use only the issued certificate when we configure the certificate, and the Java client cannot find the trusted superior certificate, so the error is not available. The solution is also very simple, the intermediate certificate, the root certificate attached to the signing of the certificate can be, the specific method reference here: https://yq.aliyun.com/articles/26569

This article is from "Wolf" blog, please make sure to keep this source http://huangwq.blog.51cto.com/10299403/1859536

Java calls HTTPS service error Unable to find valid certification path to requested target workaround

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.