Solving "unable to find valid certification path" without turning off security or manually appending cacerts

Asked Sep 09 '18 at 12:53

Active Sep 09 '18 at 16:20

Viewed 72 times

I'm getting an exception when trying to connect to a site:

javax.net.ssl.SSLHandshakeException: 
sun.security.validator.ValidatorException: PKIX path building failed: 
sun.security.provider.certpath.SunCertPathBuilderException: 
    unable to find valid certification path to requested target

I've read that I would need to add the public key of the site to the cacerts file. Or I've seen solutions where they completely turn off this security feature.

Is it possible to add that one public key to the trusted keys from code?

edit: I would like to connect to this site from this application only, there is no need to add it globally for other Java programs. This would be a client application that should not really modify the host environment.

edited Sep 09 '18 at 16:20

asked Sep 09 '18 at 12:53

user

6,567
18
58
85

1

You implement your own custom TrustManager, then use that to initialize an SSLContext, then you can retrieve an SSLSocketFactory from this SSLContext that will use your TrustManager. See [this question](https://stackoverflow.com/q/24555890/238704) and answer for most of the details, though you'll need to adapt it for your needs. – President James K. Polk Sep 09 '18 at 18:11

Solving "unable to find valid certification path" without turning off security or manually appending cacerts

0 Answers0