valid certification path error when calling a REST service with Jwt token (java)

Question

I have a rest webservice, which is being called by a java program. the rest service providers have given us a jwt token. and when i test this same in chrome (swagger) or postman client, it works fine. When i try to call it from java (webclient).the program throws an error:

 javax.net.ssl.SSLHandshakeException: SSLHandshakeException invoking <rest path>: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target.

this is how it is called:

     Response response = WebClient.create("url")
    .accept(MediaType.TEXT_PLAIN).header(HttpHeaders.AUTHORIZATION, "Bearer "+ <jwt token>).header(HttpHeaders.CONTENT_TYPE, "application/json").get();

Have anybody faced this ?

Check if this works for you [Spring 5 WebClient using ssl](https://stackoverflow.com/a/45441205/8266370) — Dusayanta Prasad, Jun 21 '21 at 11:18
thanks @DusayantaPrasad, but in production what can be done ? any idea ? i dont want to use that flag in prod — Parameswar, Jun 21 '21 at 12:09

score 2 · Answer 1 · answered Jun 21 '21 at 12:16

2

Java can't verify the certificates authenticaity. This can happen when self-signed certificates are used, but not only. When accessing from Chrome did you have to accept an untrusted certificate?

If the certificate is fine and you really trust it, you can have a look for example at this article to learn how to add a certificate to a trust store.

answered Jun 21 '21 at 12:16

Michal Trojanowski

10,641
2
22
41

i didnt have to accept anything.it just worked when using swagger through chrome,but thanksi will have a look at the article.. – Parameswar Jun 21 '21 at 13:39

valid certification path error when calling a REST service with Jwt token (java)

1 Answers1