-5

I'm getting this error all the time while trying to connect to a remote machine's API and I certainly do not need to check it's certificate when connecting.

ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

How can I get rid of this validation? I've set these variables on my JVM:

-Dcom.sun.net.ssl.checkRevocation=false -Dmaven.wagon.http.ssl.insecure=true -Dmaven.wagon.http.ssl.allowall=true -Dmaven.wagon.http.ssl.ignore.validity.dates=true

I'm using Java 17, with Maven and using Eclipse Spring Tool Suite 4.

Alejandro Pacheco Tejeda
  • 41
  • 7
  • Download the certificate and add it to your jvm keystore. Disabling the ssl check is not a good (or a very bad) idea – Jens Jun 26 '23 at 09:21
  • I've done it already, but as I said, the API is in a remote machine so it will always give this error, also this is for testing, no need of certifications for now – Alejandro Pacheco Tejeda Jun 26 '23 at 09:28
  • *the API is in a remote machine so it will always give this error* isn't that (virtually) *always* the case? Anyway, [loads](https://stackoverflow.com/questions/2642777/trusting-all-certificates-using-httpclient-over-https) of stuff on this – g00se Jun 26 '23 at 09:33
  • Based on that `-Dmaven.wagon.http.ssl.insecure=true` are you really using somewhere WAGON? How does your pom file look like? – khmarbaise Jun 26 '23 at 09:50

1 Answers1

0

Do not disable SSL checks. You have to import the whole certificate-chain into your keystore.

Your program then need to add the truststore properties:

System.setProperty("javax.net.ssl.trustStore","clientTrustStore.key"); System.setProperty("javax.net.ssl.trustStorePassword","qwerty");

Oracle Running the client with SSL/TLS

Difference between Key and Trust-Store

Philipp Schneider
  • 352
  • 1
  • 4
  • 12