1

I have trouble to connect over HTTPS with private key to a remote server. I get certificate from this link: https://drive.google.com/file/d/0B6Z9wNTXyUEebFo2bVdEbWVKQlU/view?usp=sharing password for this certificate is Geslo123#

In Java I have done this example:

package com.test;

import java.io.BufferedReader;
import java.io.DataOutputStream;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStreamReader;
import java.net.URL;
import java.security.KeyManagementException;

import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;


public class KeystoreHTTPS {

public KeystoreHTTPS() throws FileNotFoundException {
    try {

        System.out.println("Begin");

        URL url = new URL("https://blagajne-test.fu.gov.si:9002/v1/cash_registers");
        String USER_AGENT = "Mozilla/5.0";
        String keyStore = "c:/cert/10031685-1.p12";
        String keyStorePassword = "Geslo123#";
        String keyPassword = "Geslo123#";
        String KeyStoreType = "PKCS12";
        String KeyManagerAlgorithm = "SunX509";
        String SSLVersion = "TLSv1";
        HttpsURLConnection con = getHttpsURLConnection(url, keyStore, keyStorePassword, keyPassword, KeyStoreType, KeyManagerAlgorithm, SSLVersion);

        //add reuqest header
    con.setRequestMethod("POST");
    con.setRequestProperty("User-Agent", USER_AGENT);
    con.setRequestProperty("Accept-Language", "en-US,en;q=0.5");

    String urlParameters = "sn=C02G8416DRJM&cn=&locale=&caller=&num=12345";

    // Send post request
    con.setDoOutput(true);
    DataOutputStream wr = new DataOutputStream(con.getOutputStream());
    wr.writeBytes(urlParameters);
    wr.flush();
    wr.close();

    int responseCode = con.getResponseCode();
    System.out.println("\nSending 'POST' request to URL : " + url);
    System.out.println("Post parameters : " + urlParameters);
    System.out.println("Response Code : " + responseCode);

    BufferedReader in = new BufferedReader(
            new InputStreamReader(con.getInputStream()));
    String inputLine;
    StringBuffer response = new StringBuffer();

    while ((inputLine = in.readLine()) != null) {
        response.append(inputLine);
    }
    in.close();

    //print result
    System.out.println(response.toString());

    } catch (Exception ex) {
        Logger.getLogger(KeystoreHTTPS.class.getName()).log(Level.SEVERE, null, ex);
    }
}

public static HttpsURLConnection getHttpsURLConnection(URL url, String keystore,
        String keyStorePass, String keyPassword, String KeyStoreType, String KeyManagerAlgorithm, String SSLVersion)
        throws NoSuchAlgorithmException, KeyStoreException,
        CertificateException, FileNotFoundException, IOException,
        UnrecoverableKeyException, KeyManagementException {
    System.setProperty("javax.net.debug", "ssl,handshake,record");

    SSLContext sslcontext = SSLContext.getInstance(SSLVersion);
    KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerAlgorithm);
    KeyStore ks = KeyStore.getInstance(KeyStoreType);
    ks.load(new FileInputStream(keystore), keyStorePass.toCharArray());
    kmf.init(ks, keyPassword.toCharArray());

    TrustManagerFactory tmf = TrustManagerFactory
            .getInstance(TrustManagerFactory.getDefaultAlgorithm());
    tmf.init(ks);
    TrustManager[] tm = tmf.getTrustManagers();

    sslcontext.init(kmf.getKeyManagers(), tm, null);
    SSLSocketFactory sslSocketFactory = sslcontext.getSocketFactory();
    HttpsURLConnection.setDefaultSSLSocketFactory(sslSocketFactory);
    HttpsURLConnection httpsURLConnection = (HttpsURLConnection) url.openConnection();

    return httpsURLConnection;
}

public static void main(String[] args) throws FileNotFoundException {
    KeystoreHTTPS a = new KeystoreHTTPS();

}

}

I get this kind of Exception: 

javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target

What I want is to make a connection to specified URL without java keystore (directly with certificate from file).

Is this possible? (I'm using Java 1.6)

If I use this certificate in SOAP-UI I can make a connection to a remote URL without any problem...

thank you for your help

Alex
  • 8,461
  • 6
  • 37
  • 49
Ferguson
  • 527
  • 1
  • 11
  • 29
  • Or If I change SSLVersion to TLS I get: SEVERE: null javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target – Ferguson Nov 06 '15 at 08:27

0 Answers0