PKIX error while receiving server certificate by InstallCert.java

Question

I am Trying to get servers ssl certificate by using installCert.java

in the link Below

https://github.com/escline/InstallCert/blob/master/InstallCert.java

I can get server cert for some servers but while trying to get some servers certificates I get error below

javax.net.ssl.SSLHandshakeException:

sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException:

I searched, but everyone says that you should enter your cert file to java cacerts but I use this java class to fetch certificate file.

Also I get the error at socket.startHandshake();

    System.out.println("Opening connection to " + host + ":" + port + "...");
    SSLSocket socket = (SSLSocket) factory.createSocket(host, port);
    socket.setSoTimeout(10000);
    try {
        System.out.println("Starting SSL handshake...");
        socket.startHandshake();
        socket.close();
        System.out.println();
        System.out.println("No errors, certificate is already trusted");
    } catch (SSLException e) {

pedrofb pedrofb · Accepted Answer · 2017-09-06T12:30:30

The error means that your JVM does not trust the server certificate

sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException

You need to include manually the CA root certificate in the truststore of the JVM, by default the cacerts file. The CA root is the issuer of the server certificate or of an intermediate entity if exists

PKIX error while receiving server certificate by InstallCert.java

1 Answers