![]() ![]() ![]() This truststore contains 95 entries with the name of the Root CA along with trusted SHA-1 certificate fingerprints as shown below:.Keytool -keystore $JAVA_HOME/jre/lib/security/cacerts -list The default password for the truststore: changeit Use the following command (on Unix, a similar command is available in other OSes) to list the existing certs in the truststore:.cacerts is where Java stores public certificates of trusted Root CAs cacerts is the default Java truststore.Navigate to the $JAVA_HOME/jre/lib/security folder for the cacerts file.Replace spaces in the fingerprint with colonsĪ8:98:5D:3A:65:E5:E5:C4:B2:D7:D6:6D:40:C6:DD:2F:B1:9C:54:36 List all the trusted public Root CAs in your Java truststore.Root CA for with the highlighted SHA-1 fingerprint Viola, I could successfully access the HTTPS endpoint from my application! Since I could connect to the endpoint in the browser over SSL, I extracted the Root CA certificate from the browser and inserted it into my Java truststore. I didn’t know where to look for the right certificate so I did a bit of digging. The trust is handled by having root and intermediate (may not be required if using the default JVM security setting) certificates of your SSL certificate on a trusted keystore which I was missing. The error message indicates that the application could not establish a secured connection over SSL (you may see this issue if you are using a certificate that is issued by an internal Certificate Authority or Self-Signed certificate). Caused by: .SunCertPathBuilderException: unable to find valid certification path to requested target Recently, while I started an application on my local system that connects to an HTTP service endpoint over SSL, I got an error (shown below) as the application was not able to recognize the Root Certificate Authority(CA) of the endpoint. ![]() If you have faced any of these issues, this article might help. Is your version of Java unable to recognize a Root CA?.Has your server’s HTTPS SSL certificate changed?.Do you know where to fetch certificates?.Were you ever able to connect to an HTTPS service endpoint from your browser but not from a Java application?. ![]()
0 Comments
Leave a Reply. |