Menu

#1 javax.net.ssl.SSLHandshakeException

open
nobody
None
5
2003-09-03
2003-09-03
Alexander Kunkel
No

###
I become on some http-portals like https://b2b.bmw.com/
following Exception:

javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: No trusted
certificate found
at
com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.a(DashoA6275)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(DashoA6275)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA6275)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at
com.sun.net.ssl.internal.ssl.AppOutputStream.write(DashoA6275)
at org.doit.io.ByteArray.writeTo(ByteArray.java:127)
at org.doit.muffin.Message.write(Message.java:334)
at org.doit.muffin.Request.write(Request.java:106)
at org.doit.muffin.HttpsForward.send(HttpsForward.java:35)
at org.doit.muffin.Http.sendRequest(Http.java:85)
at
org.doit.muffin.ForwardSecureHandler.processRequest(ForwardSecureHandler.java:137)
at org.doit.muffin.Handler.run(Handler.java:164)
at
org.doit.util.ReusableThread.run(ReusableThread.java:86)
Caused by: sun.security.validator.ValidatorException:
No trusted certificate found
at
sun.security.validator.SimpleValidator.buildTrustedChain(SimpleValidator.java:304)
at
sun.security.validator.SimpleValidator.engineValidate(SimpleValidator.java:107)
at
sun.security.validator.Validator.validate(Validator.java:202)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(DashoA6275)
at
com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(DashoA6275)
... 15 more

###
I successfully switched off the client side certificate
ckeck in file HttpsForward.jave like following:

line:
static SSLSocketFactory FACTORY = (SSLSocketFactory)
SSLSocketFactory.getDefault();

replaced with:
static SSLSocketFactory FACTORY = null;

static {
// Create a trust manager that does not
validate certificate chains
TrustManager[] trustAllCerts =
new TrustManager[] { new X509TrustManager() {
public java
.security
.cert
.X509Certificate[] getAcceptedIssuers()
{ return null;
}
public void checkClientTrusted(

java.security.cert.X509Certificate[] certs,
String authType) {
}
public void checkServerTrusted(

java.security.cert.X509Certificate[] certs,
String authType) {
}
}
};

// Install the all-trusting trust manager
SSLContext sc = null;
try {
sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new
java.security.SecureRandom());

HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
FACTORY =
(SSLSocketFactory)sc.getSocketFactory();
}
catch (Exception e) {
FACTORY =
(SSLSocketFactory)SSLSocketFactory.getDefault();
}

}
####
Exists there a better solution to prevent the Exception?
I personally need no certificate check.

Alexander

Discussion

Log in to post a comment.

MongoDB Logo MongoDB