I have a valid keystore on my local development machine, which contains a certificate for accessing a webservice via HTTPS.
I access this keystore in my project via:
System.setProperty("javax.net.ssl.truststore", "C:\\<workspaceprojectPath>\\SIPkeystore\\truststore.jks"); // sollte wohl auch ohne Keystore klappen
System.setProperty("javax.net.ssl.keyStore", "C:\\<workspaceprojectPath>\\SIPkeystore\\SIPkeystore.jks");
System.setProperty("javax.net.ssl.keyStorePassword", "SECRET");
Now I want to access that certificate from another project. There I provide the same (full) path to the keystore in the other (local) project directory.
Apparently the path is still found by the jvm and the property is being set, but on accessing the web service I get the same error message as if I hadn’t added the keystore at all.
When trying run the application I get a
sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid
certification path to requested target
Is there a possibility to copy an existing keystore? This will be important also, when we deploy the application to our server. The application will run as stand-alone jar. (no web server)
EDIT:
Ok, copying the keystore does not seem to be the problem, as I am able to run the original application while using a local copy of the original keystore files. It seems like it is a configuration issue.
First of all, if Web service doesn’t require client certificate (i.e. that you introduce yourself) there’s no need for keystore – you only need truststore.
It could be that other project cannot access truststore, so just for exercise, try to open
C:\<workspaceprojectPath>\SIPkeystore\truststore.jksthere and read first few bytes. If you succeed, it means that the other project has some other truststore set as default, so in that case try:Also, bear in mind that Java is case-sensitive, and you specified
javax.net.ssl.truststoreproperty instead ofjavax.net.ssl.trustStore. Try fixing this also.