Background: Application Server: Java Based Application is running on Windows Server 2008 R2 Enterprise. Java Version on this Server is Version 6 Update 32. JDBC Driver Version: 4.0 Database Server: The database server has been recently upgraded(Side by side upgrade with the same servername as the one before t…
Tag: ssl
javax.net.ssl.SSLHandshakeException:PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException:
My spring boot application communicate to a remote https url and it gives the above mentioned error while hitting a POST request. I went through multiple stackoverflow posts for the same topic. Installed/imported required certificates using keytool and restarted JVM. But that didn’t resolve my issue. Th…
TLS with client certificate failing handshake
I am confused as to where exactly I need to include client certificate. Now, my first issue is that I don’t trust the server. I tried using default Java keystore file (cacerts) which has both Thawte and Digicert in it, and those are the root authorities of the server I’m trying to communicate with…
LDAPS : Simple bind failed
I’m facing issue connecting to LDAPS from my application. I have imported all necessary certificates on JRE keystore. I’m able to make calls to LDAPs when I put the following string in java.security When I change this line to my connection fails with following error: In wireshark it complains abou…
SSLEngine Handshake stuck at second loop
I’m trying to implement an SSL Handshake using SSLEngine, I need to do it both ways as a sever and as a client as well, however I’m stuck and I cannot figure it out why. The handshake starts correctly, the Hello’s are exchanged, the keys are exchanged, but then I’m getting into a NEED_…
Importing internal CA to Jenkins
I’m trying to use a Jenkins job (pipeline) to read some information from a json endpoint and do something based on that information then. The endpoint it is reading from is an internal one and the application is reachable via https with a certificate that is self-signed by our internal CA. Here’s …
Set JRE to use Windows trust store, specifically the user’s trust store
Summary: Java option -Djavax.net.ssl.trustStoreType=WINDOWS-ROOT allows Java to use the Windows trust store for the computer account. What option allows it to use the Windows trust store for the user account? We have a Java application that we run on our Windows clients. The application gets data from various…
Why does ManagedChannelBuilder not have TLS parameters for making TLS connections to the server?
In this example https://github.com/grpc/grpc-java/blob/master/interop-testing/src/test/java/io/grpc/testing/integration/TlsTest.java you see that the TLS client connection has various TLS parameters such as But my app has thus far used https://github.com/grpc/grpc-java/blob/master/core/src/main/java/io/grpc/M…
Including a .pem certificate in a Java HTTP request
I am currently able to access a web service that requires a client certificate using the following curl command: curl -k -v –cert ./certificate.pem https://api.com/unit How do I make this request in a Java application? Notice that I need the -k flag which allows curl to make “insecure” SSL c…
SSL compatibilty in java 1.4
I have searched for a number of posts but cannot find the answer. Is there any way possible i could use SNI in java 1.4. I checked that the API is available in java7 but is there any workaround to use SNI in java 1.4? Answer JSSE (Java Secure Socket Extension) is an API defined to implement SSL in java.