Hi, Thanks for response, signature alg doesn’t seem to be md5.
Signature Algorithm: sha256WithRSAEncryption -Matt > On Feb 12, 2016, at 6:04 PM, Brent Putman <putm...@georgetown.edu> wrote: > > > > On 2/12/16 5:53 PM, Matt Chambers wrote: >> I’m not sure if I’m daft or just missing something super obvious, but I’m >> trying to setup HttpClient to connect to a Spring Boot server using a self >> signed cert, pretty much all day. Works fine via Chome, Python’s >> ‘requests’ module, and Objective-C but no matter what I do, this exception >> haunts me. >> >> java.lang.RuntimeException: javax.net.ssl.SSLHandshakeException: >> sun.security.validator.ValidatorException: PKIX path building failed: >> sun.security.provider.certpath.SunCertPathBuilderException: unable to find >> valid certification path to requested target >> > > If you are using Oracle JDK: In the most recent versions of Java, > Oracle has by default disallowed PKIX trust of certificates signed with > MD5 algorithms. So check your cert's signature algorithm. If it's > MD5, either generate a new cert with SHA1, SHA256, etc, or change the > property which controls this in jre/lib/security/java.security: > > jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024 > > > Remove MD5 from the list.