I am trying to download the contents of an https url in Java, but when do I get this error.
PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
I have been able to make an https connection to other secure services, but not the one I am trying to hit now. The server is internal to us and has a Godaddy cert. Could that be the issue?
public class DataRegressionTest {
private static String urlString = "https://somedomain.com/GetData";
public static void main(String[] args) throws Exception {
URL url = new URL(urlString);
HttpsURLConnection httpsURLConnection = (HttpsURLConnection) url.openConnection();
String urlContent = StreamUtils.urlConnectionToUrlContent(httpsURLConnection);
JsonNode jsonNode = JsonUtils.jsonToTree(urlContent);
System.out.println(jsonNode);
}
}
How do I fix this?
Here is a more complete stack trace
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1884)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1341)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:153)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:804)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1300)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)
This Exception occurs, if the Certificate is invalid. If you open the URL with a Browser (Mozilla Firefox would be the best for this test, IE and Chrome using Certificates from the Active Directory Server in a Windows Domain) it the Certificate displayed as valid?
If not (what I guess) You will have to download the certificate and add it to the JVM.