JAX-RS Client, javax.net.ssl.SSLHandshakeException and Solution 📎
The following exception:
javax.ws.rs.ProcessingException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException:
PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException:
unable to find valid certification path to requested target
at org.glassfish.jersey.client.internal.HttpUrlConnector.apply(HttpUrlConnector.java:284)
at org.glassfish.jersey.client.ClientRuntime.invoke(ClientRuntime.java:278)
at org.glassfish.jersey.client.JerseyInvocation.lambda$invoke$1(JerseyInvocation.java:767)
is thrown during the initialization of JAX-RS / HTTPs connection and caused by the lack of a certificate in Java's keystore. A certificate import fixes the problem, for System Tests, however, a certificate verification is not required (except in cases where certificate verification is tested) and can be omitted:
public class SSLClientIT {
private Client client;
private String host = "https://...;
private WebTarget tut;
@Before
public void init() throws KeyManagementException, NoSuchAlgorithmException {
TrustManager[] noopTrustManager = new TrustManager[]{
new X509TrustManager() {
@Override
public X509Certificate[] getAcceptedIssuers() {
return null;
}
@Override
public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) {
}
@Override
public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) {
}
}
};
SSLContext sc = SSLContext.getInstance("ssl");
sc.init(null, noopTrustManager, null);
this.client = ClientBuilder.newBuilder().
sslContext(sc).
build();
this.tut = this.client.target(this.host);
}
@Test
public void get() {
String result = this.tut.request().get(String.class);
System.out.println("result = " + result);
}
}
See you at Java EE Workshops at Munich Airport, Terminal 2 or Virtual Dedicated Workshops / consulting. Is Munich's airport too far? Learn from home: airhacks.io.