1

I'm using eclipse and had written a method in java to upload a file to amazon s3. Its uploading successfully from main method. From eclipse I copied equivalent command from debug perspective and ran in command prompt, its working fine. I added those portion of code in our project and packed jar file. When I call that function in jar file its throwing

sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target error.

All the dependency jar files which I pointed in eclipse, the same I pointed in packed jar file also. Stil it is not working.

Method for uploading to amazon s3

public static boolean saveFileToS3(File f, Long contentLength, String s3Name, String bucketName,String accessKey, String secretKey) throws FileNotFoundException, IllegalArgumentException, IOException, InterruptedException {

    AmazonS3 s3Client = null;
    try {
        AWSCredentials credentials = new BasicAWSCredentials(accessKey, secretKey);
        s3Client = new AmazonS3Client(credentials);
    } catch (Exception e1) {
        e1.printStackTrace();
        return false;
    }        

    List<PartETag> partETags = new ArrayList<PartETag>();
    InitiateMultipartUploadRequest initRequest = new InitiateMultipartUploadRequest(bucketName, s3Name);
    ObjectMetadata metadata = new ObjectMetadata();
    metadata.setContentLength(contentLength);

    initRequest.setObjectMetadata(metadata);
    initRequest.withCannedACL(CannedAccessControlList.PublicRead);
    InitiateMultipartUploadResult initResponse = null;
    try {
        initResponse = s3Client.initiateMultipartUpload(initRequest);
        if(initResponse == null){
            return false;
        }
    } catch (AmazonServiceException e) {
        e.printStackTrace();
    } catch (AmazonClientException e) {
        e.printStackTrace();
    } catch (Exception e){
        return false;
    }
    long partSize = 10485760; // Set part size to 10 MB.
    try {
        long filePosition = 0;
        for (int i = 1; filePosition < contentLength; i++) {
            partSize = Math.min(partSize, (contentLength - filePosition));

            if(initResponse == null){
                return false;
            }

            UploadPartRequest uploadRequest = new UploadPartRequest().withBucketName(bucketName).withKey(s3Name).withUploadId(initResponse.getUploadId()).withPartNumber(i).withFileOffset(filePosition).withFile(f).withPartSize(partSize);

            partETags.add(s3Client.uploadPart(uploadRequest).getPartETag());

            filePosition += partSize;
        }
        CompleteMultipartUploadRequest compRequest = new CompleteMultipartUploadRequest(bucketName, s3Name, initResponse.getUploadId(), partETags);

        s3Client.completeMultipartUpload(compRequest);
        System.out.println("Upload complete.");
    } catch (AmazonClientException amazonClientException) {
        s3Client.abortMultipartUpload(new AbortMultipartUploadRequest(bucketName, s3Name, initResponse.getUploadId()));
        amazonClientException.printStackTrace();
        f.delete();
        return false;
    }
    f.delete();
    return true;
}

Exception thrown

com.amazonaws.AmazonClientException: Unable to execute HTTP request: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:461)
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:234)
at com.amazonaws.services.s3.AmazonS3Client.invoke(AmazonS3Client.java:3569)
at com.amazonaws.services.s3.AmazonS3Client.initiateMultipartUpload(AmazonS3Client.java:2619)
at com.virima.discoveryagentclient.ClientUtils.saveFileToS3(ClientUtils.java:2541)
at com.virima.discoveryagentclient.probes.ProbeService.runProbe(ProbeService.java:1392)
at com.virima.discoveryagentclient.probes.ProbeService.run(ProbeService.java:2187)
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1497)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:212)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:914)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:535)
at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:403)
at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:177)
at org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:304)
at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:611)
at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:446)
at org.apache.http.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:863)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:57)
at com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:391)
... 6 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:387)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
at sun.security.validator.Validator.validate(Validator.java:260)
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1479)
... 23 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:145)
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:131)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:382)
... 29 more

I have included these four jars which needed for Amazon s3 upload functionality. aws-java-sdk-1.7.8.1.jar jackson-annotations-2.1.2.jar jackson-core-2.2.3.jar jackson-databind-2.1.2.jar

This is this the command I'm using to run from main method

"C:\Program Files\Java\jre1.8.0_51\bin\javaw.exe" -Dfile.encoding=Cp1252 -classpath C:\Workspace\bin;C:\Workspace\modules\lib\servlet-api.jar;C:\Workspace\modules\lib\rztbase.jar;C:\Workspace\modules\lib\mongo-2.10.1.jar;C:\Workspace\modules\lib\json_simple-1.1.jar;C:\Workspace\modules\lib\log4j-1.2.16.jar;C:\Workspace\modules\lib\commons-beanutils-1.8.3.jar;C:\Workspace\modules\lib\guava-14.0.1.jar;C:\Workspace\modules\lib\commons-httpclient-3.1.jar;C:\Workspace\modules\lib\jedis-2.8.0.jar;C:\Workspace\modules\lib\commons-pool2-2.4.2.jar;C:\Workspace\buildconfig\gen\out;C:\Workspace\modules\lib\cglib-nodep-2.2.3.jar;C:\Workspace\modules\lib\geocode.jar;C:\Workspace\modules\lib\json-org.jar;C:\Workspace\modules\lib\eclipselink.jar;C:\Workspace\modules\lib\dom4j-1.6.1.jar;C:\Workspace\modules\lib\poi-ooxml-schemas-3.7.jar;C:\Workspace\modules\lib\jaxb-api.jar;C:\Workspace\modules\lib\jaxb-core.jar;C:\Workspace\modules\lib\jaxb-impl.jar;C:\Workspace\modules\lib\jaxb-xjc.jar;C:\Workspace\modules\lib\jaxb-jxc.jar;C:\Workspace\modules\lib\gson-2.2.4.jar;C:\Workspace\modules\lib\velocity-1.7.jar;C:\Workspace\modules\lib\commons-lang-2.4.jar;C:\Workspace\modules\lib\poi-3.10-beta2.jar;C:\Workspace\modules\lib\mpxj.jar;C:\Workspace\modules\lib\shiro-core-1.2.3.jar;C:\Workspace\modules\lib\slf4j-api-1.7.6.jar;C:\Workspace\config\email\templates;C:\Workspace\modules\lib\shiro-ehcache-1.2.3.jar;C:\Workspace\modules\lib\ehcache-2.8.1.jar;C:\Workspace\modules\lib\hibernate-c3p0-4.3.4.Final.jar;C:\Workspace\modules\lib\rztbuild.jar;C:\Workspace\modules\lib\quartz-2.2.1.jar;C:\Workspace\modules\lib\aws-java-sdk-1.7.8.1.jar;C:\Workspace\modules\lib\jackson-annotations-2.1.2.jar;C:\Workspace\modules\lib\jackson-databind-2.1.2.jar;C:\Workspace\modules\lib\jackson-core-2.2.3.jar;C:\Workspace\modules\lib\Rhino_1_7R4.jar;C:\Workspace\modules\lib\poi-ooxml-3.9.jar;C:\Workspace\modules\lib\xmlbeans-2.3.0.jar;C:\Workspace\modules\lib\opencsv-2.3.jar;C:\Workspace\modules\lib\BASE64Decoder.jar;C:\Workspace\modules\lib\commons-net-3.3.jar;C:\Workspace\modules\lib\mybatis-3.2.8.jar;C:\Workspace\modules\lib\elasticsearch-1.7.1.jar;C:\Workspace\modules\lib\lucene-core-4.10.4.jar;C:\Workspace\modules\lib\commons-math3-3.5.jar;C:\Workspace\modules\lib\lucene\lucene-core-4.9.0.jar;C:\Workspace\modules\lib\itextpdf-5.5.6.jar;C:\Workspace\modules\lib\joda-time-2.8.jar;C:\Workspace\modules\lib\jcommon-1.0.0.jar;C:\Workspace\modules\lib\jfreechart-1.0.1.jar;C:\Workspace\modules\lib\mysql-connector-java-5.1.37-bin.jar;C:\Workspace\modules\lib\jsoup-1.8.3.jar;C:\Workspace\modules\lib\diffutils-1.3.0.jar;C:\Workspace\modules\lib\grammatica-1.5.jar;C:\Workspace\modules\lib\mibble-mibs-2.9.3.jar;C:\Workspace\modules\lib\mibble-parser-2.9.3.jar;C:\Workspace\modules\lib\snmp6_0.jar;C:\Workspace\modules\lib\concurrent-trees-2.4.0.jar;C:\Workspace\modules\lib\thumbnailator-0.4.8.jar;C:\Workspace\modules\lib\batik-all-1.7.jar;C:\Workspace\modules\lib\xml-apis-ext-1.3.04.jar;C:\Workspace\modules\lib\evo-inflector-1.0.1.jar;C:\Workspace\modules\lib\xmlsec-1.3.0.jar;C:\Workspace\modules\lib\sqlite-jdbc-3.7.2.jar com.em.core.services.impl.DiscoveryService

My questions are,

  1. When i ran from eclipse main method i am able to upload, when i ran from command prompt i am able to upload. But the same code its failing when i packed in jar, even though i added all jar in classpath as well. Why?

  2. How can i fix this error?

Jayashree
  • 23
  • 4
  • the error unable to find valid certification path sounds like java is not finding root or intermediat certificate files. see: http://stackoverflow.com/questions/21076179/pkix-path-building-failed-and-unable-to-find-valid-certification-path-to-requ – at0mzk Oct 26 '16 at 08:32

2 Answers2

0

Java by default comes with a very limited set of root CA certificates, the problem is your running system where amazon s3 ca certificates are missing

Renjith Thankachan
  • 4,178
  • 1
  • 30
  • 47
0

Can you mention the command you are using to fire the main method? The problem clearly says that you have encountered handshake exception, so i assume the certificate path is invalid while running the jar through your command.

naw
  • 39
  • 1
  • 8