{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 劫难 的问题《how to solve this error “java.security.cert.Certif》','https://www.manongdao.com/q-979507.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
This question already has an answer here:
I am currently working on Mobile first version 8. While creating a java adapter to call a api through the following code I m receiving error "java.security.cert.CertificateException: PKIX path building failed mobile first java adapter error"
@GET
@Path("/unprotected")
@Produces(MediaType.TEXT_PLAIN)
@OAuthSecurity(enabled = false)
public String unprotected() {
StringBuffer content = new StringBuffer();
try {
URL url = new URL("Some Url");
HttpURLConnection con = (HttpURLConnection) url.openConnection();
con.setRequestMethod("GET");
BufferedReader in =new BufferedReader(new inputStreamReader(con.getInputStream()));
String inputLine;
while ((inputLine = in.readLine()) != null)
content.append(inputLine);
logger.info("MYFind Data" + content.toString());
in.close();
con.disconnect();
} catch (Exception e) {
logger.info("" + e.getMessage());
}
return content.toString();
}
error found in the logfile from "C:\Users\Admin\MobileFirst-8.0.0.0\mfp-server\usr\servers\mfp\logs\messages.log"
E CWPKI0022E: SSL HANDSHAKE FAILURE: A signer with SubjectDN CN=*.openweathermap.org, OU=EssentialSSL Wildcard, OU=Domain Control Validated was sent from the target host. The signer might need to be added to local trust store C:/Users/Admin/MobileFirst-8.0.0.0/mfp-server/usr/servers/mfp/resources/security/key.jks, located in SSL configuration alias defaultSSLConfig. The extended error message from the SSL handshake exception is: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
00000619 com.wether.JavaAdapterMainResource I java.security.cert.CertificateException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
The error message very clearly articulates the problem:
The certificate from the endpoint is signed by 'COMODO'. Verify if your Java cacerts and/or keystore configured in your Liberty server has the root CA. If not, add it.
Yes i finally got the answer as uh said "SSL handshake is failing from a missing signer in your server". I just registered the my api url certificate to my mobile-first server.To do so with the software to import the certificate on server.
The url for software :- https://keystore-explorer.org/downloads.html
the path of file where to import certificate:-
C:\Users\Admin\MobileFirst-8.0.0.0\mfp-server\usr\servers\mfp\resources\security
Password:-"mobilefirst"
and just drag and drop the certificate of you api url
final setp to restart server