SSLPeerUnverifiedException: peer not authenticated

Yet again, the dreary Problem of SSLPeerUnverified, but I'm not using self signed certificates. I try to connect to a host using https. This host has a correct certificate, neither Firefox nor HttpsUrlConnection has any problems with it. However trying to connect using HttpClient, I get the dreaded exception.

Any clues? Or tip where to look closer?

Thanks!

Edit: Debug output

main, handling exception:

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: 
sun.security.provider.certpath.SunCertPathBuilderException: 
unable to find valid certification path to requested target

main, IOException in getSession():

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: 
PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: 
unable to find valid certification path to requested target

Answers


It seems that you need to import the certificate into the trusted keystore your JVM is using. If you are not using a different trusted keystore in your application this will be "cacerts".

You can follow a step by step guide at "How to Fix 'SSLPeerUnverifiedException: peer not authenticated' Exception in Groovy / Java ".

Short version:

  1. Run the following command, replace $ADDRESS with the URL, minus the "https://":

    echo -n | openssl s_client -connect $ADDRESS:443 | \
      sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/$ADDRESS.cert
    
  2. Run the following command, replace $ALIAS a short name for the key, $ADDRESS with the cert name from above, $PATH with the path to cacerts in your JRE.

     sudo keytool -importcert -alias "$ALIAS" -file /tmp/$ADDRESS.cert \
       -keystore $PATH/cacerts -storepass changeit
    

Previous answer link doesn't work, so I attach additional:

https://blogs.oracle.com/java-platform-group/entry/self_signed_certificates_for_a


Need Your Help

How to draw photo with correct orientation in canvas after capture photo by using input[type='file'] in mobile web browser?

javascript html5 canvas html5-canvas drawimage

I am making a simple web app in mobile which allow visitor to capture photo by using html5 input[type=file] element. Then I will display it on the web for preview, and then visitor can choose to up...

PHP : writing a simple removeEmoji function

php instagram emoji

I'm looking for a simple function that would remove Emoji characters from instagram comments. What I've tried for now (with a lot of code from examples I found on SO & other websites) :