1
votes

hi all i use this code to connect https and its work fine on my pc but when i upload to my server dont work

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1964)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:328)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:322)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1614)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1052)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:987)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1072)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1385)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1413)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1397)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1564)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1492)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:263)
at mehritco.ir.connection.URLConnection.read(URLConnection.java:38)
at mehritco.ir.cortexclient.objects.invoice.Price.setExchangeRate(Price.java:42)

and this log file dont show at local pc!

here the my code for connect to https/ssl

public String readLinkInJson(String url, String data) throws MalformedURLException, IOException {
    URL obj = new URL(url);
    System.out.println(data);
    HttpsURLConnection con = (HttpsURLConnection) obj.openConnection();
    con.setHostnameVerifier(hv);
    con.setRequestMethod("POST");
    con.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
    con.setRequestProperty("User-Agent", "Mozilla/5.0");
    con.setRequestProperty("Accept-Language", "en-US,en;q=0.5");
    con.setDoOutput(true);
    // For POST only - START
    try (OutputStream os = con.getOutputStream()) {
        os.write(data.getBytes("UTF-8"));
        os.flush();
    }
    // For POST only - END
    String inputLine;
    StringBuilder response = new StringBuilder();
    int responseCode = con.getResponseCode();
    if(responseCode >= 400){
    try (BufferedReader in = new BufferedReader(new InputStreamReader(con.getInputStream()))) {
        while ((inputLine = in.readLine()) != null) {
            response.append(inputLine);
        }
    }
    }else{
    try (BufferedReader in = new BufferedReader(new InputStreamReader(con.getErrorStream()))) {
        while ((inputLine = in.readLine()) != null) {
            response.append(inputLine);
        }
    }
    }
    return response.toString();

}

so what can i do? please help me to find right code...

1
did you have add a certificate in your java trust store in your remote server?Mançaux Pierre-Alexandre
no , how i can? @MançauxPierre-Alexandreuser4837435
get the client certificate of your server and add it to your java trustore: stackoverflow.com/questions/373295/… or this comment can help you if you don t have the certificate stackoverflow.com/a/23162215/3414468Mançaux Pierre-Alexandre
with your code i change set requestmethod to GET and call google.fr and it work, be carrefull with if(responseCode >= 400), here you getIntpustream instead of errorStream...and in else you read errorStream... if you are looking for your truststore or keystore file, they are in jour jvm directory, google can help you to find itMançaux Pierre-Alexandre
yes , Thanks @MançauxPierre-Alexandreuser4837435

1 Answers

1
votes

i found my answer!

 TrustManager[] trustAllCerts = new TrustManager[]{
            new X509TrustManager() {
                @Override
                public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                    return new X509Certificate[0];
                }

                @Override
                public void checkClientTrusted(
                        java.security.cert.X509Certificate[] certs, String authType) {
                }

                @Override
                public void checkServerTrusted(
                        java.security.cert.X509Certificate[] certs, String authType) {
                }
            }
        };

        try {
            SSLContext sc = SSLContext.getInstance("SSL");
            sc.init(null, trustAllCerts, new java.security.SecureRandom());
            HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
        } catch (GeneralSecurityException e) {
        }

add this code befor make url object.