This week's book giveaway is in the OCPJP forum. We're giving away four copies of OCA/OCP Java SE 7 Programmer I & II Study Guide and have Kathy Sierra & Bert Bates on-line! See this thread for details.
I am trying to connect to a URL from my java code and i am running it in Tomcat server but i am getting this error
Error while connecting javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
can anyone please help me and tell me how to register this certication in tomcat server.
Joined: Feb 02, 2010
What you need to do is to import the server certificate and install it in your JDK's keystore. If I am talking greek, its ok. I too just leant this. Just follow these steps and you will be able to get rid of that error.
1. First of all you copy the URL that you are connecting to and paste it in your browser. Let us say you are using IE. Just paste the url in the address bar and press enter.
2. You will now probably see a dialog box warning you about the certificate. Now click on the 'View Certificate' and install the certificate. Ignore any warning messages.
3. Now that the server certificate is installed in your computer, your browser will not warn you when you visit the same site again. But however your JRE dumb as it is does not yet know about this certificate's existence until you add it to its keystore. Usually you will use the keytool to manage certificates. Keytool is a command-line utility with numerous arguments that allow you to create and manage keystores for housing digital certificates. For the complete documentation of keytool,http://java.sun.com/j2se/1.3/docs/tooldocs/win32/keytool.html
4. You can list the current certificates contained within a keystore using they keytool -list command. The initial password for the cacerts keystore is changeit. For example:
5. Now you have to add the previosly installed certificate to this keystore. To add, begin by exporting your CA Root certificate as a DER-encoded binary file and save it as C:\root.cer. (you can view the installed certificates under Tools->'Internet Options' ->Content->Certificates. Once you open the certificates, locate the one you just installed under 'Trusted Root Certification Authorities". Select the right one and click on 'export'. You can now save it (DER encoded binary) under your c: drive.
6. Then use the keytool -import command to import the file into your cacerts keystore.
For example:-alias myprivateroot -keystore ..\lib\security\cacerts -file c:\root.cer