Sending http request to server have exception sometimes happen

Question

URL oauth = new URL(URL);
URLConnection oauth_connection = oauth.openConnection();

BufferedReader in = new BufferedReader(new InputStreamReader(
            oauth_connection.getInputStream()));

String inputLine = "";

String line;

//System.out.println(in.readLine());
while((line = in.readLine()) != null)
    inputLine += line;

in.close();

Throws exception at the BufferedReader line:

Exception in thread "main" javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.ssl.Alerts.getSSLException(Unknown Source) at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source) at sun.security.ssl.Handshaker.fatalSE(Unknown Source) at sun.security.ssl.Handshaker.fatalSE(Unknown Source) at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source) at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source) at sun.security.ssl.Handshaker.processLoop(Unknown Source) at sun.security.ssl.Handshaker.process_record(Unknown Source) at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source) at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source) at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source) at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source) at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source) at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source) at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)

but half of the time, it gave result back successfully – Kevin Qu Jun 22 '12 at 21:55 — Kevin Qu, Jun 22 '12 at 21:55

score 1 · Accepted Answer · edited May 23 '17 at 11:56

1

you probably either have a self-signed certificate, or a chained certificate where some portion of the chain is not trusted.

You can import the certificate into your trust store see Digital Certificate: How to import .cer file in to .truststore file using?

Or you can ignore the problem as in this question Ignore certificate errors when requesting a URL in Java

edited May 23 '17 at 11:56

Community

1
1

answered Jun 22 '12 at 21:28

digitaljoel

26,265
15
89
115

but half of the time, it gave result back successfully – Kevin Qu Jun 22 '12 at 21:49
Maybe you are hitting a load balancer that relies on the servers for the cert instead of having its own and one of the servers behind the balancer has a bad or different certificate that you also need to install in your trust store? – digitaljoel Jun 22 '12 at 22:18
but after shut down one server, it still has that problem, half and half. – Kevin Qu Jun 22 '12 at 22:21

score 0 · Answer 2 · answered Jun 22 '12 at 21:27

0

All you need to do is to add the server certificate to your trusted Java key store if your client is written in Java.

Refer this page. https://blogs.oracle.com/gc/entry/unable_to_find_valid_certification

answered Jun 22 '12 at 21:27

Akhi

2,242
18
24

but half of the time, it gave result back successfully – Kevin Qu Jun 22 '12 at 21:48

Sending http request to server have exception sometimes happen

2 Answers2