1

I want to read content of https URL entered by user that we have not any data about certificate key and jks and etc:

<!DOCTYPE html>
<html>
<head>
    <title>Total Synthesis of Fidaxomicin |  | download</title>
</head>
<body>
    <form action="testSSL.jsp">
        <input name="sslRandomUrl" type="text">
        <input type="submit" value="opensslUrl" >
    </form>
</body>

and this is jsp : 

<%@page import="java.net.URL"%>
<%@page import="javax.net.ssl.HttpsURLConnection"%>
<%@page import="java.io.InputStreamReader"%>
<%@page import="java.io.BufferedReader"%>
<%@page contentType="text/html" pageEncoding="UTF-8"%>

    <%
        String url = request.getParameter("sslRandomUrl");
        System.out.println("How to open like web browser? >>>"+url);
        URL pdfContainerUrl = new URL(url);
        HttpsURLConnection conn2 = (HttpsURLConnection) pdfContainerUrl.openConnection();// دقت شود https 
        StringBuilder result = new StringBuilder();
        conn2.setRequestMethod("GET");
        BufferedReader br2 = new BufferedReader(new InputStreamReader(conn2.getInputStream(), "UTF-8"));
        String line2;
        while ((line2 = br2.readLine()) != null) {
            result.append(line2);
            System.out.println(line2);
        }
        out.print(result);
    %>

but i have this error for many URLs:

ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

How to force jdk to open all https URLs ?

MrSalesi
  • 377
  • 3
  • 17
  • 2
    You are aware of the security implications if you override this? – Henry Apr 30 '18 at 16:22
  • Dear friend, There is any problem about security implications, just working code please. – MrSalesi Apr 30 '18 at 16:29
  • Possible duplicate of ["PKIX path building failed" and "unable to find valid certification path to requested target"](https://stackoverflow.com/questions/21076179/pkix-path-building-failed-and-unable-to-find-valid-certification-path-to-requ) – SeverityOne Apr 30 '18 at 16:55

1 Answers1

1

You could try inserting this in your JSP:

    /* Start of Fix */
    TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
        public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; }
        public void checkClientTrusted(X509Certificate[] certs, String authType) { }
        public void checkServerTrusted(X509Certificate[] certs, String authType) { }

    } };

    SSLContext sc = SSLContext.getInstance("SSL");
    sc.init(null, trustAllCerts, new java.security.SecureRandom());
    HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());

    // Create all-trusting host name verifier
    HostnameVerifier allHostsValid = new HostnameVerifier() {
        public boolean verify(String hostname, SSLSession session) { return true; }
    };
    // Install the all-trusting host verifier
    HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid);
    /* End of the fix*/

Source: How to ignore PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException?

drone6502
  • 433
  • 2
  • 7
  • 1
    error : is not abstract and does not override abstract method checkServerTrusted(X509Certificate[],String) in X509TrustManager ---- – MrSalesi May 04 '18 at 17:17