0

I'm having a problem using truststore/keystore in java. My code goes like this. I have tried also all the suggestion I searched here Error - trustAnchors parameter must be non-empty , the cacerts exists in the specified path, I have permission to cacerts and it's also not expired but there still appears to have an error.

    URL obj = null;
    try {
        obj = new URL(url);
    } catch (MalformedURLException e1) {
        // TODO Auto-generated catch block
        e1.printStackTrace();
        return InternalError();
    }

    System.setProperty("javax.net.ssl.trustStore", "path/to/trustStore");
    System.setProperty("javax.net.ssl.trustStorePassword","changeit");

    HttpsURLConnection conn = null;
    try {
        conn = (HttpsURLConnection) obj.openConnection();
        conn.setDoOutput(true);
        conn.setDoInput(true);
        conn.setRequestProperty("Content-Type", "application/json");
        conn.setRequestProperty("X-Gateway-Auth", "gatewayAuth");
        conn.setRequestMethod("POST");
    } catch (IOException e3) {
        // TODO Auto-generated catch block
        e3.printStackTrace();
        return InternalError();
    }

    String data = "{\"mobile_number\":" +mobileNumber+ ",\"pin\":" +pin+ "}";
    OutputStreamWriter out = null;
    try {
        out = new OutputStreamWriter(conn.getOutputStream());
        out.write(data);
        out.flush();
    } catch (IOException e2) {
        // TODO Auto-generated catch block
        e2.printStackTrace();
        return InternalError();
    }

I always get the "the trustAnchors parameter must be non-empty" error specifically on line out = new OutputStreamWriter(conn.getOutputStream());

javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty

Will
  • 3
  • 3
  • 1
    You have bigger problems than that. You are simply **ignoring** any exceptions! Yes, you are *printing* them, but your program simply continues. Hint: if the first try block throws, then **obj** will be **null** later on. In other words: you should **seriously** learn such **basics** before thinking about coding security related things. – GhostCat Dec 19 '17 at 09:01
  • Questions seeking debugging help ("why isn't this code working?") must include the desired behavior, a specific problem or error and the shortest code necessary to reproduce it in the question itself. Questions without a clear problem statement are not useful to other readers. See: How to create a [mcve]. Use the [edit] link to improve your *question* - do not add more information via comments. Thanks! – GhostCat Dec 19 '17 at 09:02
  • Hi, as I said I already tried all the suggestions on this thread "Error - trustAnchors parameter must be non-empty" but still getting the error. – Will Dec 19 '17 at 09:16
  • "I tried all the suggestions here" isn't very helpful. When you have read **other** questions, then please include links in your question. And then: that duplicate question has **28** answers. Did you really check **all** of them? – GhostCat Dec 19 '17 at 09:20

0 Answers0