If a web server is using a self-signed or unknown certificate, your JSSE application will encounter the javax.net.ssl.SSLHandshakeException complaining "unable to find valid certification path to requested target" when trying to connect to it.
If you know for sure that the server can be trusted, you can use InstallCert.java to add the server's certificate to your trusted keystore:
1. Google and download InstallCert.java
2. Compile InstallCert.java
javac InstallCert.java
3. Access the server with InstallCert to retrieve the certificate:
java InstallCert <server_name>:<port>
4. Add the server's certificate to the keystore jssecacerts in the same directory. The file jssecacerts will be generated if it is not there.
5. Copy jssecacerts into your $JAVA_HOME/jre/lib/security directory
Now your JSSE application should be able to handshake successfully with the server.
Sunday, March 17, 2019
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment