10

i'm working with Liferay and i'm using eclipse, and running a client/server model, using an encrypted socket (SSL).

Currently, my application is running the client/server connection ok when I run the application in batch mode but when i try to start the server in Eclipse the application is giving me error

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)

I already use the InstallCert.java and copy the jssecacerts into

%JAVA_HOME%/jdk_version/jre/lib/security

but is still giving me errors. I've also checked the certificate (keytool -v -list) and installed manually in the root CAs trusted. What can be the problem? Thanks!

El0din
  • 3,208
  • 3
  • 20
  • 31

5 Answers5

8

Please refer this answer for your reference.

No need of passing any VM arguments after you successfully installed certificate of the site which is giving you PKIX error!

But key is to find JRE which is giving you this error! So make sure about 2 things:

  1. you install certificate to cacerts file of JRE which Eclipse is using
  2. certificate is root certificate
Eugen Labun
  • 2,561
  • 1
  • 22
  • 18
positivecrux
  • 1,307
  • 2
  • 16
  • 35
  • 2
    my certificate was a root certificate, but i needed to add in the jre, i use portecle for that and that works! thx! – El0din Aug 23 '16 at 07:01
  • related: https://mkyong.com/webservices/jax-ws/suncertpathbuilderexception-unable-to-find-valid-certification-path-to-requested-target/ – XoXo Feb 19 '21 at 18:34
2

tried and tested method. if you face this certificate issue with eclipse plugin installation do below steps:

  1. note the url of the plugin site you are facing issue.

  2. hit that url in browser.

  3. go to lock symbol on left side and click to view certificate

  4. go to details and do file export in Base 64.

  5. better to save cert in eclipse directory.

  6. open cmd with administrator

  7. go to jdk directory you are using to run eclipse and find keytool

  8. run below command keytool -keystore ..\lib\security\cacerts -import -alias example2 -file <path_to_expotrted cert in step 4> use password - changeit

  9. go to eclipse.ini and add below commands -Djavax.net.ssl.trustStore=C:\Program Files\Java\jdk-11\lib\security\cacerts

  10. make sure to restart eclipse after every plugin site certificate added to keystore.

rohsin47
  • 21
  • 1
  • 1
1

Try passing the certifacate path in VM arguments when running in eclipse 

-Djavax.net.ssl.trustStore="PATH_TO_jssecacerts"
KlajdPaja
  • 959
  • 1
  • 8
  • 17
1

SOLVED: Certificate issue with eclipse plugin installation Follow these steps:

Understand eclipse uses JRE certs to connect. So you need to add your plugin(website) certificates to JRE/lib/security/cacerts

  1. Open the URL or your plugin in browser and click below

Link Open

Get Certificate

Download

Save

Save it as .cer file

  1. Goto your JRE path: C:\Program Files (x86)\Java\jre1.8.0_333\lib\security and open command promt here and enter the command keytool -import -trustcacerts -keystore cacerts -storepass changeit -noprompt -alias marketPlaceAPI -file "C:\Users**\Downloads\Programs\marketPlaceAPI.cer"

Enter Keystore command

  1. Goto your Eclipse Ini file: and under -VmArgs add Update Eclipse.ini file

This is all, your certificates are added in JRE and in eclipse you have said to use these certs.

Vivek Kumar
  • 19
  • 9
0

I have solved this issue in my eclipse after struggling for almost a day. Please find solution here https://stackoverflow.com/a/73034945/7611709

Vivek Kumar
  • 19
  • 9