tag:blogger.com,1999:blog-668930342578805175.post7044262934319300483..comments2024-01-02T14:01:31.524+01:00Comments on Java code skeletons, tips and pointers: Avoiding the "javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed" errorMathiashttp://www.blogger.com/profile/09041686057881281007noreply@blogger.comBlogger12125tag:blogger.com,1999:blog-668930342578805175.post-75639421796358712852013-08-28T05:29:29.241+02:002013-08-28T05:29:29.241+02:00this can be resolved in two ways: the client trust...this can be resolved in two ways: the client trust all certificates or server-side add a certificate, the specific cause analysis and solutions see: http://www.trinea.cn/android/android-java-https-ssl-exception-2/Anonymoushttps://www.blogger.com/profile/00354733786441891571noreply@blogger.comtag:blogger.com,1999:blog-668930342578805175.post-81444129107625354712013-04-13T09:00:42.730+02:002013-04-13T09:00:42.730+02:00Thanks for sharing these helpful points and great ...Thanks for sharing these helpful points and great knowledge with us. I'm glad you provided helpful illustrations of most points.Thanks for the detailed guidance.<br /><a href="http://www.buraq-technologies.com" rel="nofollow"> website design </a>Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-668930342578805175.post-49041375841965822092013-04-05T12:41:07.260+02:002013-04-05T12:41:07.260+02:00Yes it is possible ..
Yes it is possible ..<br />rahulhttps://www.blogger.com/profile/02886011548156275352noreply@blogger.comtag:blogger.com,1999:blog-668930342578805175.post-12902846077488447802012-05-15T13:17:39.559+02:002012-05-15T13:17:39.559+02:00Hi,
Can a server be used to act as both client...Hi,<br /> Can a server be used to act as both client and server ie I want the server to send the request from a client to another server with different certificate.Is this possible?<br /><br />Regards,<br />B.PrakashPrakashhttps://www.blogger.com/profile/06865611120046357062noreply@blogger.comtag:blogger.com,1999:blog-668930342578805175.post-88823055349927219042012-03-22T04:24:53.967+01:002012-03-22T04:24:53.967+01:00Hi,
I am facing big problem with this HTTPS. I am...Hi,<br /><br />I am facing big problem with this HTTPS. I am very new to the field i am not aware of HTTPs more. <br />Basically my requirement is i need to send a request server which is running on HTTPs port with some parameters the server will give response as part of response headers. i need to read the headers and do the further process.<br /><br />Can you help me to fix the issue. Iam always getting <br />javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: error.<br /><br />Thanks & Regards,<br />kishorepa1https://www.blogger.com/profile/16186586511453965978noreply@blogger.comtag:blogger.com,1999:blog-668930342578805175.post-47140830555064322282012-02-09T21:17:06.951+01:002012-02-09T21:17:06.951+01:00Wonderful! Works perfect! I can't thank you ...Wonderful! Works perfect! I can't thank you enough for this!Viktorhttps://www.blogger.com/profile/09064910927386050869noreply@blogger.comtag:blogger.com,1999:blog-668930342578805175.post-16372542934472401802011-02-02T17:32:13.000+01:002011-02-02T17:32:13.000+01:00Thanks for sharing this!One question:Will this tru...Thanks for sharing this!<br>One question:<br>Will this trust all servers ONLY in this class? Or does it affect everything running in the same JVM?arne andnoreply@blogger.comtag:blogger.com,1999:blog-668930342578805175.post-86981791658572754582011-02-02T17:57:47.000+01:002011-02-02T17:57:47.000+01:00Hi Arne,This will affect all newly created SSL Soc...Hi Arne,<br><br>This will affect all newly created SSL Sockets in the JVM. If you only want to apply it to one connection, you can use the setSSLSocketFactory method on the HttpsURLConnection class instead. I don't think there's a way to just tie it to one class.mathiasdegroofhttp://theskeleton.wordpress.comnoreply@blogger.comtag:blogger.com,1999:blog-668930342578805175.post-80984164949905238592011-02-03T10:50:56.000+01:002011-02-03T10:50:56.000+01:00Thanks for your answer. Thats exactly what i'm...Thanks for your answer. Thats exactly what i'm looking for. I have one connection i'd want to bypass the certificate validation. <br>I took a look at the setSSLSocketFactory and the SSLSocketFactory, but with my limited skills im unable to pinpoint exactly what needs to be set for it to do what i want.<br>If you'd like to point me even further in the right direction, that would be great!<br><br>Thanksarne andnoreply@blogger.comtag:blogger.com,1999:blog-668930342578805175.post-22872376857625092702011-02-03T11:46:45.000+01:002011-02-03T11:46:45.000+01:00Sure, it's actually just one line that needs t...Sure, it's actually just one line that needs to be changed. The line<br><br>SSLContext.setDefault(ctx);<br><br>needs to be removed, since this sets the default for ALL new sockets.<br>You will need to add the following line instead:<br><br>conn.setSSLSocketFactory(ctx.getSocketFactory());<br><br>this will get a socket factory from the context you initialized and apply it only to that one connection. Here's the final code:<br><br> public static void main(String[] args) throws NoSuchAlgorithmException, KeyManagementException, MalformedURLException, IOException {<br> X509TrustManager tm = new X509TrustManager() {<br> @Override<br> public X509Certificate[] getAcceptedIssuers() {<br> return null;<br> }<br><br> @Override<br> public void checkServerTrusted(X509Certificate[] paramArrayOfX509Certificate, String paramString) throws CertificateException {<br><br> }<br><br> @Override<br> public void checkClientTrusted(X509Certificate[] paramArrayOfX509Certificate, String paramString) throws CertificateException {<br> }<br> };<br> SSLContext ctx = SSLContext.getInstance("TLS");<br> ctx.init(null, new TrustManager[] { tm }, null);<br> HttpsURLConnection conn = (HttpsURLConnection) new URL("serverAddress:port").openConnection();<br> conn.setSSLSocketFactory(ctx.getSocketFactory());<br> conn.setHostnameVerifier(new HostnameVerifier() {<br><br> @Override<br> public boolean verify(String paramString, SSLSession paramSSLSession) {<br> return true;<br> }<br> });<br> conn.connect();<br><br> }mathiasdegroofhttp://theskeleton.wordpress.comnoreply@blogger.comtag:blogger.com,1999:blog-668930342578805175.post-84535692532157145432011-01-24T12:52:48.000+01:002011-01-24T12:52:48.000+01:00[...] Avoiding the “javax.net.ssl.SSLHandshakeExce...[...] Avoiding the “javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: ...ICEFaces 2.0 charts migrationEmbedding fonts into PDF generated by JasperReportsPayPal Mass Payments using HttpClient 4Slow ICEFacesAvoiding the “javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated” with HttpClientSetting the notifyURL for the PayPal IPNPayPal Instant Payment Notification (IPN) Servlet with HttpClient 4 [...]Avoiding the “javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated” with HttpClient « The Skeletonhttp://theskeleton.wordpress.com/2010/07/24/avoiding-the-javax-net-ssl-sslpeerunverifiedexception-peer-not-authenticated-with-httpclient/noreply@blogger.comtag:blogger.com,1999:blog-668930342578805175.post-2234557919353421502011-02-03T13:05:37.000+01:002011-02-03T13:05:37.000+01:00Thanks Mathias!This works perfectly.Thanks Mathias!<br>This works perfectly.arne andnoreply@blogger.com