javax.net.ssl.sslhandshakeexception received fatal alert bad_certificate

Question

Problem :

I am trying to setup a SSL Socket connection. But i am getting below error

javax.net.ssl.sslhandshakeexception received fatal alert bad_certificate

Answer 1

1. If the server certificate is signed and valid, you will only need to open the connection as usual with the use of bellow code:

import java.net.*;
import java.io.*;

public class URLConnectionReader {
    public static void main(String[] args) throws Exception {
        URL google = new URL("https://www.google.com/");
        URLConnection yc = google.openConnection();
        BufferedReader in = new BufferedReader(new InputStreamReader(
                                    yc.getInputStream()));
        String inputLine;
        while ((inputLine = in.readLine()) != null) 
            System.out.println(inputLine);
        in.close();
    }
}

2. If the server's certificate is signed but you are accessing using a different IP address/domain name than the one in the certificate, you can bypass hostname verification with this:

HostnameVerifier hv = new HostnameVerifier() {
    public boolean verify(String urlHostName,SSLSession session) {
        return true;
    }
};

HttpsURLConnection.setDefaultHostnameVerifier(hv);

3. If the certificate is not signed then you need to add it to the keystore used by the JVM 

Further Readings:

https://github.com/jamesdbloom/mockserver/issues/205