Results 1 to 4 of 4
  1. #1
    Marcus is offline Member
    Join Date
    Jun 2007
    Posts
    92
    Rep Power
    0

    Default java.security.cert.CertificateException: Couldn't find trusted certificate

    I had the following code to connect to a site on a server. The server is using https, which causes the error

    javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Couldn't find trusted certificate


    I have saved the certificate for reference and I assume to I need to tell the program to look at that but this will happen every time there is a new certificate

    Changing the HttpURLConnection object to HttpsURLConnection throws up a 'java.lang.ClassCastException' error coz its an abstract class..

    Java Code:
    java.util.Properties propSy = System.getProperties();
             propSy.put("java.protocol.handler.pkgs","com.sun.net.ssl.internal.www.protocol");
           
             System.setProperties(propSy);
             java.security.Security.insertProviderAt(new sun.security.provider.Sun(),2);
             java.security.Security.addProvider(new sun.security.provider.Sun());
             java.security.Security.insertProviderAt(new com.sun.net.ssl.internal.ssl.Provider(),1);
             
     
             System.setProperty("javax.net.ssl.trustStore", "keystore_filename");
     
             java.security.Provider myprov = java.security.Security.getProvider("SunJSSE");
     
     
     	HttpsURLConnection c;
     
     		try {
     			URL url = new URL ( rptUrl );
     			c = (HttpsURLConnection)url.openConnection();
     			
     			//set cache and request method settings
     		    c.setUseCaches(false);
     
     		    //set other headers
     		    c.setRequestProperty ("Content-Type", "application/pdf");
     		    
     		    //connect to the server..
     		    c.connect();
     		}
    Any ideas? Thanks.

    Marcus:cool:

  2. #2
    Daniel is offline Member
    Join Date
    Jun 2007
    Posts
    91
    Rep Power
    0

    Default

    One problem people have with Java and SSL is that the certificate manager will reject any self signed certificates.

    This is common when you are doing development or are using an internal certificate that you don't want to pay money for from a commercial certificate authority.

    One way to handle this is to simply accept any certificate, regardless of what it has in it. Below is a simple program to do just that, it reads a URL and, regardless of what the certificate says, prints out the contents of the URL.

    Java Code:
    package com.xigole.util.ssl;
     
     import java.io.IOException;
     import java.io.InputStream;
     import java.net.MalformedURLException;
     import java.net.URL;
     import java.net.URLConnection;
     
     import javax.net.ssl.HttpsURLConnection;
     import javax.net.ssl.SSLContext;
     import javax.net.ssl.TrustManager;
     import javax.net.ssl.X509TrustManager;
     
     public class SelfSignedCertTest {
     	public static void main(String[] argv) {
     		if (argv.length != 1) {
     			System.err.println("usage: SelfSignedCertTest hostname");
     			System.exit(1);
     		}
     
     		TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
     			public java.security.cert.X509Certificate[] getAcceptedIssuers() {
     				return null;
     			}
     
     			public void checkClientTrusted(
     					java.security.cert.X509Certificate[] certs, String authType) {
     			}
     
     			public void checkServerTrusted(
     					java.security.cert.X509Certificate[] certs, String authType) {
     				System.out.println("authType is " + authType);
     				System.out.println("cert issuers");
     				for (int i = 0; i < certs.length; i++) {
     					System.out.println("\t" + certs[i].getIssuerX500Principal().getName());
     					System.out.println("\t" + certs[i].getIssuerDN().getName());
     		  	   }
     			}
     		} };
     
     		try {
     			SSLContext sc = SSLContext.getInstance("SSL");
     			sc.init(null, trustAllCerts, new java.security.SecureRandom());
     			HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
     		} catch (Exception e) {
     			e.printStackTrace();
     			System.exit(1);
     		}
     
     		URL url = null;
     		try {
     			url = new URL("https", argv[0], 443, "/");
     		} catch (MalformedURLException mue) {
     			mue.printStackTrace();
     			System.exit(1);
     		}
     
     		try {
     			URLConnection connection = url.openConnection();
     
     			InputStream is = connection.getInputStream();
     			byte[] buffer = new byte[1024];
     			int bytesRead = 0;
     
     			while ((bytesRead = is.read(buffer)) != -1)
     				System.out.println(new String(buffer, 0, bytesRead));
     		} catch (IOException ioe) {
     			ioe.printStackTrace();
     			System.exit(1);
     		}
     	}
     }
    Greetings.

    Daniel:o

  3. #3
    Eric is offline Senior Member
    Join Date
    Jun 2007
    Posts
    111
    Rep Power
    0

    Default

    I attach a zip file with a build.xml so that you can build the program with ant.

    Greetings.

    Eric
    Attached Files Attached Files

  4. #4
    kevina is offline Member
    Join Date
    Jan 2010
    Posts
    1
    Rep Power
    0

    Default import javax.net.ssl.*;import javax.net.*; :all these are not recognized!!!

    Dear Eric and all members, am unable to run the selfsign.zip codes...am having same errors with other java applications using SSL.

    In my codes itself, import.javax.net; import.net.SSL; import javax.security.cert.X509Certificate; all these are underlined red and is not recognized!
    It says cannot be resolved to a type..do i need to include any package and library?!

    I have done some research and am getting lots of different things on EAServer Client machine, jaguar server and so on..am quite confused!

    Please help!
    Thanking you in advance and waiting for an early response!

    kind Regards
    kevina

Similar Threads

  1. Java certificate
    By Nick15 in forum Java Certification
    Replies: 2
    Last Post: 11-12-2007, 06:02 AM
  2. Replies: 4
    Last Post: 08-10-2007, 10:09 PM
  3. java.security.AccessControlException
    By cecily in forum Java Applets
    Replies: 1
    Last Post: 08-06-2007, 02:49 AM
  4. Replies: 1
    Last Post: 07-23-2007, 11:59 PM
  5. Java cert exam samples
    By orchid in forum New To Java
    Replies: 5
    Last Post: 06-04-2007, 09:33 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •