• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 229
  • Last Modified:

javax.net.ssl.SSLHandshakeException when accessing an HTTP site.

I'm trying to access an HTTP site.
In my method I have this line: Authenticator.setDefault(new MyAuthenticator());

I also have a subclass:
public class MyAuthenticator extends Authenticator {
  protected PasswordAuthentication getPasswordAuthentication() {
    // Get information about the request
    String promptString = getRequestingPrompt();
    String hostname     = getRequestingHost();
    InetAddress ipaddr  = getRequestingSite();
    int port            = getRequestingPort();
    // Return the information
    return new PasswordAuthentication(
    USERNAME, PASSWORD.toCharArray());
} // end class MyAuthenticator

This usually works okay for me.
But when I ran my program for this particular HTTP site, I got this exception:

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found.

I'm not sure how to handle this situation. Could somebody please advice?

Thanks in advance for the help.
1 Solution
You can elect to trust that site using custom socket


Just specify the keystore that contains trusted certificates. See the documentation that came with J2SDK. In case of J2SDK 1.4, you can find it at:


With your trusted certificate issue, you probably need to  add the certificate of the machine that you're authenticating into to Java's "cacerts" trusted certificate keystore using keytool. Be careful because in Windows you may have  two copies of "cacerts" on your machine: a copy in your original Java installation directory, such as <C:\java\jre\lib\security\cacerts>, and one copy in the Java runtime environment's Program Files directory installation, such as <C:\Program Files\Java\j2re1.4.1_03\lib\security>.

 Java looks to the "cacerts" in the Program Files installation directory for trusted certificates, but to be safe you should add the certificate to both "cacerts" keystores.
rnicholusAuthor Commented:

I tried your suggestion.
When I called  InputStream tempStream = url.openStream();   ---> url is an URL object. I got an exception: "HTTPS hostname wrong: should be..."

I check the host name and it's actually okay. I'm not sure why I get that exception.
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Specify a HostnameVerifier:

  HostnameVerifier hv = new HostnameVerifier()
        public boolean verify(String urlHostName, SSLSession session)
            return true;
rnicholusAuthor Commented:
As a note,

Solution from objects will work to solve the "HTTPS hostname wrong: should be ... "
But I found same solution somewhere else before objects posted.

Thank you guys,

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now