Solved

JAVA  programmatically load the trust KeyStore file when making the ssl context for HTTPS

Posted on 2014-03-26
10
3,739 Views
Last Modified: 2014-04-03
Using Java code, how to  programmatically load the trust keystore file when making the ssl context
Any insights are highly appreciated.
0
Comment
Question by:AKHILKARTHIK
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 4
10 Comments
 
LVL 86

Expert Comment

by:CEHJ
ID: 39956973
0
 

Author Comment

by:AKHILKARTHIK
ID: 39961655
What is this error mean? And how to add the certs programmatically using JAVA to call HTTPS url. I am using HttpsURLConnection to open the HTTPS call.

Exception caught while calling the HTTPS connection::javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.g: PKIX path building failed: java.security.cert.CertPathBuilderException: PKIXCertPathBuilderImpl could not                         build a valid CertPath.; internal cause is:
                              java.security.cert.CertPathValidatorException: The certificate issued by CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), O=Entrust.net is not trusted; internal cause is:
                              java.security.cert.CertPathValidatorException: Certificate chaining error
0
 
LVL 86

Accepted Solution

by:
CEHJ earned 500 total points
ID: 39961736
Make sure Entrust.net is definitely in your JRE's list of CAs. What OS are you using?
0
PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now

 

Author Comment

by:AKHILKARTHIK
ID: 39962082
So does this mean it is failing because of missing proper certficate chains on servers to trust SSL connection? We are using Websphere and operating system is unix. any idea how programmatically load that keystore and trust that certs when making the ssl context.
0
 
LVL 86

Expert Comment

by:CEHJ
ID: 39962113
Try the below (JAVA_HOME will need to have been set [it should be])
echo 'changeit' | keytool -list -v -keystore $(find $JAVA_HOME -name cacerts) | grep 'Owner:' | grep 'Entrust'

Open in new window

0
 

Author Comment

by:AKHILKARTHIK
ID: 39962341
How to execute this command on my Windows machine? THe same exception seems to be coming even when i am using the local machine (windows XP), using RAD/websphere workspacee. Cna you please send me command to run this on windows.
0
 
LVL 86

Expert Comment

by:CEHJ
ID: 39962384
?? You just said your OS is Unix?
0
 

Author Comment

by:AKHILKARTHIK
ID: 39962418
Windows is used for testing where we have local RAD/websphere workspace for unit testing , UNIX is where our appserver will be running. So i am testing in both and getting the same exception.
0
 
LVL 86

Expert Comment

by:CEHJ
ID: 39962439
You just need to put the correct path in for the cacerts file in Windows
0
 
LVL 86

Expert Comment

by:CEHJ
ID: 39975865
:)
0

Featured Post

MS Dynamics Made Instantly Simpler

Make Your Microsoft Dynamics Investment Count  & Drastically Decrease Training Time by Providing Intuitive Step-By-Step WalkThru Tutorials.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

By the end of 1980s, object oriented programming using languages like C++, Simula69 and ObjectPascal gained momentum. It looked like programmers finally found the perfect language. C++ successfully combined the object oriented principles of Simula w…
Basic understanding on "OO- Object Orientation" is needed for designing a logical solution to solve a problem. Basic OOAD is a prerequisite for a coder to ensure that they follow the basic design of OO. This would help developers to understand the b…
Viewers will learn one way to get user input in Java. Introduce the Scanner object: Declare the variable that stores the user input: An example prompting the user for input: Methods you need to invoke in order to properly get  user input:
Viewers will learn about basic arrays, how to declare them, and how to use them. Introduction and definition: Declare an array and cover the syntax of declaring them: Initialize every index in the created array: Example/Features of a basic arr…
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question