Getting SSL Handshake exception. PKIX path building failed: unable to find valid certification path to requested target #36
Comments
|
Hello, Just wanted to know if you have any insight into the issue I am running into for PKIX. Any help is greatly appreciated. |
|
Hi, Sorry, for whatever reason I missed the notification of your issue. I'll look into it. Their certificate just renewed on 2/11/17 so they must have used some cheap SSL cert authority that isn't in the Java 8 cert store by default. What you're trying to do looks like it should be the solution but clearly that's not working for you. I'll get back to you shortly. Jim |
|
Oh, I think I see an issue with your command to pull the certificate |
|
Try changing references to quandl.com to www.quandl.com |
|
In all your commands. For some reason they bought the certificate on www and have a redirect and I recall from an issue a couple of years back that jersey client didn't like redirected Https certs. |
|
Any luck with my suggestions? |
Hello,
I am getting the following error while making above calls. I have already added the necessary certificates to my jdk/jre keystore but no luck.
openssl s_client -connect quandl.com:443>public.crt (copy content including begin and end certificate lines)
C:\Program Files\Java\jdk1.8.0_141\bin>keytool -import -alias quandl.com -keystore ../jre/lib/security/cacerts -file public.crt (if prompted for a passport type: changeit)
keytool -list -v -keystore $JAVA_HOME/jre/lib/security/cacerts
and here is the exception that is getting thrown from the java app.
............
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:397) ~[na:1.8.0_141]
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:302) ~[na:1.8.0_141]
at sun.security.validator.Validator.validate(Validator.java:260) ~[na:1.8.0_141]
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324) ~[na:1.8.0_141]
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229) ~[na:1.8.0_141]
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124) ~[na:1.8.0_141]
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1496) ~[na:1.8.0_141]
... 43 common frames omitted
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141) ~[na:1.8.0_141]
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126) ~[na:1.8.0_141]
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280) ~[na:1.8.0_141]
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:392) ~[na:1.8.0_141]
... 49 common frames omitted
The text was updated successfully, but these errors were encountered: