Wednesday, 16 September 2020

How To Fix "unable to find valid certification path to requested target" Error

If you are here, that means probably you have encountered below error:

Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:387)
        at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
        at sun.security.validator.Validator.validate(Validator.java:260)
        at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)
        at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
        at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
        at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1460)
        ... 101 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:145)
        at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:131)
        at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
        at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:382)


That happens when you try to connect to a https url from Java application & that remote server SSL certificate is not trusted by your JVM. Basically Java has a Truststore where it stores root certificates & intermediate certificates from Certified Authorities (CA). So in case the remote server is using a self-signed certificate or a certificate from not a well-known CA, there is a chance that the root & intermediate certificates of the CA are not present in your Java Truststore. You need to add it manually.

I found out a small Java program online that can easily help you with that. You can just check this link & follow the steps to add certificates to your Java Truststore. This program also validates if the certificates are already added & working properly.

But just make sure you do really know the remote server before adding their certificates to your Java Truststore.

No comments:

Post a comment

How To Solve "Caused by: org.hibernate.HibernateException: Missing table" When Table Is Present In Database

If you are using JPA or Hibernate directly and got that exception while starting your application, there is one obvious reason for that. You...