Sending XML over HTTPS causes a javax.net.ssl.SSLHandshakeException

My web application gets information from web services provided by an outside company.  Some of this information doesn't need to be secured and a simple HttpURLConnection is opened passing the xml string as a URL parameter.  This works fine.  

For the sensitive information I am supposed to send the information to the https URL so I created a HttpsURLConnection.  When I try to get the InputStream on this line (bin = new BufferedInputStream(connection.getInputStream());)  it throws the following exception:

Opening connection...
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1476)
        at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:174)
        at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:168)
        at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:846)
        at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:106)
        at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:495)
        at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:433)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:815)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1025)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1038)
        at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:405)
        at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:170)
        at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:905)
        at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:221)
        at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:145)
        at sun.security.validator.Validator.validate(Validator.java:203)
        at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:172)
        at com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(SSLContextImpl.java:320)
        at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:839)

Do I need to ask them for a certificate?  Is there anyway to not require this?  I am currently running Tomcat 5.5.9 on my Windows XP system.  

Here is the code:

    public static final String XML_URL = "http://xml.xyzcompany.com/xml.jsp?xml=";
    public static final String SECURE_XML_URL = "https://xml.xyzcompany.com/xml.jsp?xml=";

    public static String getXMLResponse(String query) {
        StringBuffer sb = new StringBuffer();
        HttpURLConnection connection = null;
       
        try {
            String xmlQuery = XML_URL + query;
            System.out.println("NEW XML QUERY = " + xmlQuery);
           
            URL u = new URL(xmlQuery);
            System.out.println("Opening connection...");
            URLConnection uc = u.openConnection();
           
            connection = (HttpURLConnection) uc;
            connection.setDoOutput(true);
            connection.setDoInput(true);
            connection.setRequestMethod("POST");
           
            // Send the request and get the response.
            bin = new BufferedInputStream(connection.getInputStream());
            int ch=0;
            while((ch=bin.read())> -1) {
                sb.append((char)ch);
            }
        } catch (IOException ioe) {
            //System.err.println(ioe);
            ioe.printStackTrace();
        } finally {
            try {
                if(null != bin) {
                    bin.close();
                }
            } catch (IOException ioe) {
                ioe.printStackTrace();
            }
           
            if(null != connection) {
                System.out.println("Closing connection...");
                connection.disconnect();
            }
           
        }
       
        System.out.println("response = " + sb.toString());
        return sb.toString();
       
    }
   
    public static String getSecureXMLResponse(String query) {
        StringBuffer sb = new StringBuffer();
        HttpsURLConnection connection = null;
       
        try {
            String xmlQuery = SECURE_XML_URL + query;
            System.out.println("NEW XML QUERY = " + xmlQuery);
           
            URL u = new URL(xmlQuery);
            System.out.println("Opening connection...");
            URLConnection uc = u.openConnection();
           
           
            connection = (HttpsURLConnection) uc;
            connection.setDoOutput(true);
            connection.setDoInput(true);
            connection.setRequestMethod("POST");
           
            // Send the request and get the response.
            bin = new BufferedInputStream(connection.getInputStream());
            int ch=0;
            while((ch=bin.read())> -1) {
                sb.append((char)ch);
            }
        } catch (IOException ioe) {
            //System.err.println(ioe);
            ioe.printStackTrace();
        } finally {
            try {
                if(null != bin) {
                    bin.close();
                }
            } catch (IOException ioe) {
                ioe.printStackTrace();
            }
           
            if(null != connection) {
                System.out.println("Closing connection...");
                connection.disconnect();
            }
           
        }
       
        System.out.println("response = " + sb.toString());
        return sb.toString();
    }
nateforrest1Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

WelkinMazeCommented:
Hi,

You can look here for how to create your own certificate:
http://www.experts-exchange.com/Programming/Programming_Languages/Q_21818679.html
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
XML

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.