java - Sending http request to server have exception sometimes happen


Keywords:java 


Question: 

URL oauth = new URL(URL);
URLConnection oauth_connection = oauth.openConnection();

BufferedReader in = new BufferedReader(new InputStreamReader(
            oauth_connection.getInputStream()));

String inputLine = "";

String line;

//System.out.println(in.readLine());
while((line = in.readLine()) != null)
    inputLine += line;

in.close();

Throws exception at the BufferedReader line:

Exception in thread "main" javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.ssl.Alerts.getSSLException(Unknown Source) at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source) at sun.security.ssl.Handshaker.fatalSE(Unknown Source) at sun.security.ssl.Handshaker.fatalSE(Unknown Source) at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source) at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source) at sun.security.ssl.Handshaker.processLoop(Unknown Source) at sun.security.ssl.Handshaker.process_record(Unknown Source) at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source) at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source) at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source) at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source) at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source) at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source) at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)


2 Answers: 

you probably either have a self-signed certificate, or a chained certificate where some portion of the chain is not trusted.

You can import the certificate into your trust store see Digital Certificate: How to import .cer file in to .truststore file using?

Or you can ignore the problem as in this question Ignore certificate errors when requesting a URL in Java

 

All you need to do is to add the server certificate to your trusted Java key store if your client is written in Java.

Refer this page.