Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

JAVA  programmatically load the trust KeyStore file when making the ssl context for HTTPS

Posted on 2014-03-26
10
Medium Priority
?
4,376 Views
Last Modified: 2014-04-03
Using Java code, how to  programmatically load the trust keystore file when making the ssl context
Any insights are highly appreciated.
0
Comment
Question by:AKHILKARTHIK
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 4
10 Comments
 
LVL 86

Expert Comment

by:CEHJ
ID: 39956973
0
 

Author Comment

by:AKHILKARTHIK
ID: 39961655
What is this error mean? And how to add the certs programmatically using JAVA to call HTTPS url. I am using HttpsURLConnection to open the HTTPS call.

Exception caught while calling the HTTPS connection::javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.g: PKIX path building failed: java.security.cert.CertPathBuilderException: PKIXCertPathBuilderImpl could not                         build a valid CertPath.; internal cause is:
                              java.security.cert.CertPathValidatorException: The certificate issued by CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), O=Entrust.net is not trusted; internal cause is:
                              java.security.cert.CertPathValidatorException: Certificate chaining error
0
 
LVL 86

Accepted Solution

by:
CEHJ earned 1500 total points
ID: 39961736
Make sure Entrust.net is definitely in your JRE's list of CAs. What OS are you using?
0
Build and deliver software with DevOps

A digital transformation requires faster time to market, shorter software development lifecycles, and the ability to adapt rapidly to changing customer demands. DevOps provides the solution.

 

Author Comment

by:AKHILKARTHIK
ID: 39962082
So does this mean it is failing because of missing proper certficate chains on servers to trust SSL connection? We are using Websphere and operating system is unix. any idea how programmatically load that keystore and trust that certs when making the ssl context.
0
 
LVL 86

Expert Comment

by:CEHJ
ID: 39962113
Try the below (JAVA_HOME will need to have been set [it should be])
echo 'changeit' | keytool -list -v -keystore $(find $JAVA_HOME -name cacerts) | grep 'Owner:' | grep 'Entrust'

Open in new window

0
 

Author Comment

by:AKHILKARTHIK
ID: 39962341
How to execute this command on my Windows machine? THe same exception seems to be coming even when i am using the local machine (windows XP), using RAD/websphere workspacee. Cna you please send me command to run this on windows.
0
 
LVL 86

Expert Comment

by:CEHJ
ID: 39962384
?? You just said your OS is Unix?
0
 

Author Comment

by:AKHILKARTHIK
ID: 39962418
Windows is used for testing where we have local RAD/websphere workspace for unit testing , UNIX is where our appserver will be running. So i am testing in both and getting the same exception.
0
 
LVL 86

Expert Comment

by:CEHJ
ID: 39962439
You just need to put the correct path in for the cacerts file in Windows
0
 
LVL 86

Expert Comment

by:CEHJ
ID: 39975865
:)
0

Featured Post

The top UI technologies you need to be aware of

An important part of the job as a front-end developer is to stay up to date and in contact with new tools, trends and workflows. That’s why you cannot miss this upcoming webinar to explore the latest trends in UI technologies!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Go is an acronym of golang, is a programming language developed Google in 2007. Go is a new language that is mostly in the C family, with significant input from Pascal/Modula/Oberon family. Hence Go arisen as low-level language with fast compilation…
Introduction This article is the last of three articles that explain why and how the Experts Exchange QA Team does test automation for our web site. This article covers our test design approach and then goes through a simple test case example, how …
Viewers will learn about the regular for loop in Java and how to use it. Definition: Break the for loop down into 3 parts: Syntax when using for loops: Example using a for loop:
This tutorial covers a step-by-step guide to install VisualVM launcher in eclipse.
Suggested Courses

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question