开发者

SSL connection from Java

开发者 https://www.devze.com 2022-12-29 14:41 出处:网络
I am trying to make a test SSL connection using the following Java code: String httpsURL = \"https://www.somehost.com\";

I am trying to make a test SSL connection using the following Java code:

String httpsURL = "https://www.somehost.com";
URL myurl = new URL(httpsURL);
HttpsURLConnection con = (HttpsURLConnection)myurl.openConnection();

InputStream ins = con.getInputStream();
InputStreamReader isr=new InputStreamReader(ins);
BufferedReader in =new BufferedReader(isr);

String inputLine;

while ((inputLine = in.readLine()) != null)
    System.out.println(inputLine);

in.close();

When I connect to Host A everything works fine - the connection is made and the response is received.

However when I connect to Host B, which is secured by a certificate that is issued by the same authority as Host A's, I receive the following exception:

sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Everything that I have开发者_如何学运维 read so far suggests that I need to install the certificates in my keystore, however if that were the solution then why does Host A work whilst Host B doesn't?

As a probably unhelpful aside - if I write a similar piece of C# code then the connection is successfully negotiated for both Hosts A and B - the same applies for navigating to the URL in the browser.


Most likely causes are,

  1. The Host B uses a self-signed certificate.
  2. The certificate is signed by CA which is not in your trust store.
  3. The cert is signed with an intermediate cert but Host B is misconfigured so it doesn't send the server cert with intermediate cert.

For #1, #2, you need to import the cert or the CA cert into your trust store.

For #3, tell host B to send the intermediate cert.


This probably is because you dont have a valid path for the certificate or maybe because you dont have a CA certificate of verising o some company like that.

0

精彩评论

暂无评论...
验证码 换一张
取 消