SSL connection using certificate

Question

I am trying to write a code that will allow me to connect to to a server using a SSL connection with a certificate. I have the certificate, its a .crt file. I Have assembled a code but it does not work:

public class SSLClient {
public static void main(String[] args) throws Exception{
    String strServerName = "Some Server"; // SSL Server Name
    int intSSLport = 443; // Port where the SSL Server is listening
    PrintWriter out = null;
    BufferedReader in = null;

    {
        // Registering the JSSE provider
        Security.addProvider(new Provider());
    }

    try {
        // Creating Client Sockets
        SSLSocketFactory sslfac = (SSLSocketFactory)SSLSocketFactory.getDefault();
        SSLSocket socket = (SSLSocket)sslfac.createSocket(strServerName,intSSLport);

        System.setProperty("javax.net.ssl.keyStore", "D:/projects/TemporaryTesting/certificate.crt");

        // Initializing the streams for Communication with the Server
        out = new PrintWriter(socket.getOutputStream(), true);
        in = new BufferedReader(new InputStreamReader(socket.getInputStream()));

        BufferedReader stdIn = new BufferedReader(new InputStreamReader(System.in));
        String userInput = "Hello Testing ";
        out.println(userInput);
        System.out.println("echo: " + in.readLine());

        // Closing the Streams and the Socket
        out.close();
        in.close();
        stdIn.close();
        socket.close();
    }

    catch(Exception exp)
    {
        System.out.println(" Exception occurred .... " +exp);
        exp.printStackTrace();
    }

}}

This is the error i am getting:

 javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested targetjavax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

What am i doing wrong? Do i have to register the certificate some how with java before i can use it? How do i fix it? This is my first encounter with SSL connections, so any help would be appreciated.

I think you forgot to add the certificate of the server (`strServerName`) in your trustore — Olivier Boissé, Aug 16 '16 at 08:26
[check this](http://stackoverflow.com/questions/6908948/java-sun-security-provider-certpath-suncertpathbuilderexception-unable-to-find) — Ashish Patil, Aug 16 '16 at 08:36
@oliv37 What is the trustore? How do i add the certificate to it? — , Aug 16 '16 at 09:25

score 0 · Accepted Answer · answered Aug 16 '16 at 08:30

0

I remember doing several things like installing keytool in eclipse, importing certificates into eclipse

Also importing manually in cmd to the cacerts file in the JDK folder under lib/security http://magicmonster.com/kb/prg/java/ssl/pkix_path_building_failed.html

Lastly adding this parameter in the run config for my maven project -Djavax.net.debug=all in eclipse for debugging

answered Aug 16 '16 at 08:30

kaya

1,626
1
21
27

After installing the keytool in eclipse and importing a certificate, do i still have to enter the command in the cmd? Isn`t the keytool suppose to do all that process for you? Where do i enter the `-Djavax.net.debug=all` in eclipse? – Aug 16 '16 at 09:22
You´re lucky, i had the same problem a minute ago as i updated to jdk8, keytool -import -alias someUrl.com -keystore "C:\Program Files\Java\jdk1.8.0_102\jre\lib\security\cacerts" -file "C:\Users\yourUsername\Desktop\certificate.crt" did the fix for me but i already had keytool etc. done, what about we talk in chat – kaya Aug 16 '16 at 09:26
Is there a chat in here? How do we turn it on? – Aug 16 '16 at 09:37
idk to be honest, i think it comes after some comments here, so what have you done so far with the command line? – kaya Aug 16 '16 at 09:40
I have installed the keytool to eclipse. I opened cmd and navigated to the java jre directory. Then i have typed : `keytool -import -alias someUrl.com -keystore .\lib\security\‌cacerts -file D:\projects\Certificates\certificat‌e.crt`. I got a respond from cmd saying: `'keytool' is not recognized as an internal or external command, operab le program or batch file`. – Aug 16 '16 at 09:47
do you have your JDK in your system path environment variables? what happens if you type `java -version`, please do this outside of the Java directory – kaya Aug 16 '16 at 09:48
Let us [continue this discussion in chat](http://chat.stackoverflow.com/rooms/121044/discussion-between-dany-lavrov-and-kaya). – Aug 16 '16 at 09:50

SSL connection using certificate

1 Answers1

Linked