Java and https invalid certification error

In case you are working under a restricted network with some particular proxy who have its own secure certificate system is possible you experiment some problem when Java runtime try to download something from an https address. Developing with Android Studio can show the problem cause try to download gradle package at first compilation.



To be more precise the error you can experiment is the following:

Error:Cause: unable to find valid certification path to requested target

The faster solution is to use http url instead of https but cause is not very easy to find the correct url causing the problem (using Android Studio for example) the only remaining solution is to import the "correct" certificate inside java environment. This solution suppose you have access to the correct certificate files to import since, without it, is practically impossible for you to use any standard browser like Firefox and others. If you don't have the certificate files but your browser can access to https urls probably you already have required certificates installed in the browser, you can try to export from it if you know which needed (sorry I can not help here, in case ask to your network administrator). Once you have all required certificate files available you can launch the following java tool (usually inside java/bin folder) for import certificates into Java environment (please note certificate file extension can be different, it doesn't matter):

keytool -import -alias certificate_label -file certificate_file.cer -keystore %JAVA_HOME%/jre/lib/security/cacerts

The tool will ask for a password that is: changeit

In some Linux systems in particular conditions is possible this tool will show the following error:

java.util.IllegalFormatConversionException: d != java.lang.String

It seem a problem connected to the system language, currently the only way I found to fix the issue and have the tool working as expected is to add the following param in red:

keytool -J-Duser.language=en -import -alias certificate_label -file certificate_file.cer -keystore %JAVA_HOME%/jre/lib/security/cacerts

You have to repeat this operation for all certificates you need to import. Once done java should be able to download any files without error. In case you want to know the list of certificates currently installed into java environment the command is the following:

keytool -list -keystore %JAVA_HOME%/jre/lib/security/cacerts

Hope this will help.

Comments

Popular posts from this blog

Access GPIO from Linux user space

Android: adb push and read-only file system error

Tree in SQL database: The Nested Set Model