JAVA programmatically load the trust KeyStore file when making the ssl context for HTTPS

Using Java code, how to  programmatically load the trust keystore file when making the ssl context
Any insights are highly appreciated.
AKHILKARTHIKAsked:
Who is Participating?
 
CEHJConnect With a Mentor Commented:
Make sure Entrust.net is definitely in your JRE's list of CAs. What OS are you using?
0
 
CEHJCommented:
0
 
AKHILKARTHIKAuthor Commented:
What is this error mean? And how to add the certs programmatically using JAVA to call HTTPS url. I am using HttpsURLConnection to open the HTTPS call.

Exception caught while calling the HTTPS connection::javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.g: PKIX path building failed: java.security.cert.CertPathBuilderException: PKIXCertPathBuilderImpl could not                         build a valid CertPath.; internal cause is:
                              java.security.cert.CertPathValidatorException: The certificate issued by CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), O=Entrust.net is not trusted; internal cause is:
                              java.security.cert.CertPathValidatorException: Certificate chaining error
0
Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

 
AKHILKARTHIKAuthor Commented:
So does this mean it is failing because of missing proper certficate chains on servers to trust SSL connection? We are using Websphere and operating system is unix. any idea how programmatically load that keystore and trust that certs when making the ssl context.
0
 
CEHJCommented:
Try the below (JAVA_HOME will need to have been set [it should be])
echo 'changeit' | keytool -list -v -keystore $(find $JAVA_HOME -name cacerts) | grep 'Owner:' | grep 'Entrust'

Open in new window

0
 
AKHILKARTHIKAuthor Commented:
How to execute this command on my Windows machine? THe same exception seems to be coming even when i am using the local machine (windows XP), using RAD/websphere workspacee. Cna you please send me command to run this on windows.
0
 
CEHJCommented:
?? You just said your OS is Unix?
0
 
AKHILKARTHIKAuthor Commented:
Windows is used for testing where we have local RAD/websphere workspace for unit testing , UNIX is where our appserver will be running. So i am testing in both and getting the same exception.
0
 
CEHJCommented:
You just need to put the correct path in for the cacerts file in Windows
0
 
CEHJCommented:
:)
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.