-
Notifications
You must be signed in to change notification settings - Fork 887
Florian Schmaus edited this page Aug 27, 2016
·
3 revisions
Question: I get "javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target"
Answer: Your SSLContext is not able to build a valid trust path from the certs in the trust store to the cert presented. Your options are:
- Find a cert which when put in the trust store establishes a valid trust chain
- Install a end-entity certificate which has a valid trust path on the service
- Use TLS pinning (e.g. java-pinning) on the client side
- Use TOFU principe for trust the certificate (e.g. Memorizing Trust Manager for Android).
- Accept all certificate (Don't do that)
- Don't use TLS (Only in certain situations a viable option)
Please also read up on TLS and make sure to understand how it works before you try to secure connections via TLS.