Untrusted server cert chain ?

I'm trying to connect to an https site with this java codejava.security.Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider()); System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol"); java.net.URL url = new java.net.URL("https://...."); java.io.InputStream in = url.openStream(); java.io.BufferedReader reader = new java.io.BufferedReader(new java.io.InputStreamReader(in));
when I try to read from BufferedReader, I have a SSLException: untrusted server cert chain.
javax.net.ssl.SSLException: untrusted server cert chain java.lang.Throwable(java.lang.String) java.lang.Exception(java.lang.String) java.io.IOException(java.lang.String) javax.net.ssl.SSLException(java.lang.String) void com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(byte, java.lang.String) void com.sun.net.ssl.internal.ssl.ClientHandshaker.a(com.sun.net.ssl.internal.ssl.HandshakeMessage$CertificateMsg) void com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(byte, int) void com.sun.net.ssl.internal.ssl.Handshaker.process_record(com.sun.net.ssl.internal.ssl.InputRecord) void com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(com.sun.net.ssl.internal.ssl.InputRecord, boolean) void com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(com.sun.net.ssl.internal.ssl.OutputRecord) void com.sun.net.ssl.internal.ssl.AppOutputStream.write(byte [], int, int) void java.io.OutputStream.write(byte []) void com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake() java.net.Socket com.sun.net.ssl.internal.www.protocol.https.HttpsClient.doConnect(java.lang.String, int) void com.sun.net.ssl.internal.www.protocol.https.NetworkClient.openServer(java.lang.String, int) void com.sun.net.ssl.internal.www.protocol.https.HttpClient.l() com.sun.net.ssl.internal.www.protocol.https.HttpClient(javax.net.ssl.SSLSocketFactory, java.net.URL, boolean) com.sun.net.ssl.internal.www.protocol.https.HttpsClient(javax.net.ssl.SSLSocketFactory, java.net.URL) com.sun.net.ssl.internal.www.protocol.https.HttpClient com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a(javax.net.ssl.SSLSocketFactory, java.net.URL, com.sun.net.ssl.HostnameVerifier, boolean) com.sun.net.ssl.internal.www.protocol.https.HttpClient com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a(javax.net.ssl.SSLSocketFactory, java.net.URL, com.sun.net.ssl.HostnameVerifier) void com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.connect() java.io.InputStream com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.getInputStream() java.io.InputStream java.net.URL.openStream() evaluated code
Could anyone explain me if I can solve it?How ?
Thank you,
Horaci Macias

javax.net.ssl.SSLException: untrusted server cert chainjava.lang.Throwable(java.lang.String)java.lang.Exception(java.lang.String)java.io.IOException(java.lang.String)javax.net.ssl.SSLException(java.lang.String)
basically means that your client doesn't trust the server (or any of the server's signers).
There could be any number of reasons for this,
a) the server's certificate is a self-signed one
b) The server does not provide a large enough "certificate chain" to go back to one of the certs in the jre/lib/security/cacerts.

I ran into this problem myself. I fixed this by updating the cacerts file
in the JVM ($JAVA_HOME/jre/lib/security) with the same file from a JDK1.4 installation. Apparently, the JDK 1.4 knows about a lot more licensing
agencies (like Verisign, Thawte etc) than JDK 1.3 ever did. This would
work for all certificates issued by known agencies/common agencies, even test/trial ones. If you use a custom certificate, then you would have to export the certificate out of your server and import it into the JVM of your app server/web server.
Hope this helps.