Meaningless Drivel is fun!
The moose likes Security and the fly likes Receiving: java.CertificateException: Certificate not Trusted Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » Security
Bookmark "Receiving: java.CertificateException: Certificate not Trusted" Watch "Receiving: java.CertificateException: Certificate not Trusted" New topic

Receiving: java.CertificateException: Certificate not Trusted

Jay Damon
Ranch Hand

Joined: Jul 31, 2001
Posts: 282
The application I am working contains a class that is used to include text content from another site. It does this by 1) creating a URL object, 2) opening a URLConnection and 3) reading the content via an InputStream. This code has worked fine up to now for URLs such as:

However, the guardians of that content have now decided to secure the content and we need to access the content via an ASP page thru a URL similar to the following:

and this breaks the web page content retrieval class with the exception:

java.CertificateException: Certificate not Trusted

The problem appears to be one of authentication but I am unsure how authentication should be performed via the URL / URLConnection objects currently being accessed. I do not see anything in the Javadoc that appears to address this problem.

Note: The code does have access to a valid user id / password at the time of retrieval.

Any suggestions as to how to proceed would be appreciated.
Set Cruz

Joined: Jan 31, 2008
Posts: 26
Hi -
A text search on "keystore" yielded the following thread, which may be relevant keystore discussion

SCJP, Oracle PL/SQL Developer
greg stark
Ranch Hand

Joined: Aug 10, 2006
Posts: 220
Also note that the JSSE uses the terminology "truststore" to refer to the store that contains certificates that you want to trust. A keystore can contain trusted certificates and also your own secret and private keys. The JSSE docs ( contain much information on various ways to customize your truststore, including something as simple as putting the trusted certificates in a file and setting a system property to point to this file.

Nice to meet you.
I agree. Here's the link:
subject: Receiving: java.CertificateException: Certificate not Trusted
It's not a secret anymore!