• Register
0 votes
432 views

Problem :

I am trying to consume a RESTful service from url https://someurl.com. But I am getting the following error: 
java security cert certpathvalidatorexception certificate chaining error
6.9k points

Please log in or register to answer this question.

2 Answers

0 votes

Solution :

Please login to web admin console & follow bellow steps to resolve your issue.

  • Please go to Security > SSL certificate and key management > Key stores and certificates > NodeDefaultTrustStore > Signer certificates
  • Please click Retrieve from port button, and specify hostname, 443 port, and Alias.
  • Please click Retrieve singer information button.
  • Please verify if correct certificate is imported.
  • Please save, and restart.

Further Readings:

https://support.oracle.com/knowledge/Oracle%20E-Business%20Suite/1903860_1.html

38.6k points
edited by
0 votes

Solution:

I'm pretending you have a web application, which is attempting to access that restful service.

First, you must not place your stores via javax.net.ssl.* properties, however use SSL configurations given in WebSphere. Hence comment all these setProperty() calls. Second, you have to include your service server certificate to the trust store

Login to web admin console:

  • Go to Security > SSL certificate and key management > Key stores and certificates > NodeDefaultTrustStore > Signer certificates

  • Click on Retrieve from port button, and seclude hostname, 443 port, and Alias.

  • Click On Retrieve singer information button.

  • Accomplish, in case right certificate is imported (parent).

  • Save, and restart.

In few versions, the child certificate was imported (not the root), in that instance, you will have to manually download the root certificate and instanr (for example through browser, and import that one to the NodeDefaultTrustStore, however this time employing Add button, not Retrieve..

I lately had this similar problem with our db provider, they sent me their .crt file and I had to make a keystore with it.

keytool -import -alias "name" -file "/path/to/file" -keystore "/path/to/keystore/file" -storetype pkcs12 -storepass "keystorepass"

then at my main class I identified truststore and truststore pass:

 System.setProperty("javax.net.ssl.trustStore", "/path/to/keystore/file");
 System.setProperty("javax.net.ssl.trustStorePassword", "keystorepass");  

One method to confirm that all of the necessary certificates are in your keystore is employing the “keytool” from the bin directory of the interface in use.

  1. Begin an Administrator Command Prompt.

  2. Navigate to the bin directory of the API method you are employing.

  3. Type keytool –list and review the certificates stocked. You must view at least one Verisign certificate authored by Avalara with an expiration date greater than the current date.

  4. In case not, you may require to recreate the keystore with 'keytool' employing the "genkey" option and re-import your application certificates in case any of the components of the certificate chain are missing or out of date.

31.7k points
edited by

Related questions

0 votes
1 answer 26 views
26 views
Problem: Where should I seek assistance with this problem : Java security cert certpathvalidatorexception certificate chaining error?
asked Jun 16 Nahil 128k points
0 votes
1 answer 20 views
0 votes
1 answer 47 views
47 views
Problem: java.security.cert.certpathvalidatorexception: trust anchor for certification path not found.
asked Feb 19 Lucky Guy 1.5k points
0 votes
1 answer 73 views
73 views
Problem : I have the Java web service client, which consumes the web service via HTTPS. When I try to connect to the service URL (https://AAA.BBB.CCC.DDD:9443/ISomeService ), I get the exception as below: “ Java.security.cert.CertificateException: No subject alternative names present.”
asked Jan 21, 2020 jwilliam 3.9k points
0 votes
1 answer 236 views
236 views
Problem : I have a Java web service client, which consumes a web service via HTTPS. When I connect to the service URL, I get the exception java.security.cert.CertificateException: No subject alternative names present.
asked Oct 22, 2019 peterlaw 6.9k points
0 votes
1 answer 13 views
13 views
Problem: Try to discover this: Ssl certificate problem verify that the ca cert is ok
asked Jun 26 nila 121k points
0 votes
1 answer 7 views
7 views
Problem : Is there a method to resolve this issue: Pkix path validation failed java security cert certpathvalidatorexception?
asked Jun 16 Siam55 110k points
0 votes
1 answer 15 views
15 views
Problem: I'm not sure how I got this : This server could not prove that it is its security certificate is from.
asked Jun 17 Rada Gracelynn 104k points
0 votes
1 answer 16 views
16 views
Problem: What is the answer : The security certificate presented by this website?
asked May 22 Florina Gulnar 106k points
0 votes
1 answer 20 views
20 views
Problem: I am unable to fix it. > Revocation information for the security certificate lol
asked May 11 Junia Phoebe 83.8k points