Hi Susanta, I had a similar problem and Oleg Kalnichevski answered me:
> Possibly a better option might be a custom socket factory that can > create SSL connections with different SSL contexts using different trust > and key material based on the hostname of the target server. I decided to make a little change on HttpClient to set a new SchemeRegistry on each request thread that need specific trust and key material and I add it as a SCHEME_REGISTRY attribute to a Context variable. You can find this talk at http://marc.info/?l=httpclient-users&m=133830124402823&w=2 Jose Escobar 2012/9/10 Susanta Mohapatra <[email protected]>: > Hi all, > > I am trying to import a self-signed certificate into the default java > keystore "cacerts" ( Java version 1.5 ). The certificate is imported > successfully but when I try to use HttpClient library to connect to the > server, I run into the error > > sun.security.validator.ValidatorException: PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to find > valid certification path to requested target > javax.net.ssl.SSLHandshakeException > com.sun.net.ssl.internal.ssl.Alerts:getSSLException > > I found some articles by googling that you need to make a new jks keystore > by importing the self-signed certificate. But I want to do it on the > default keystore "cacerts". I don't want to relax the constraints of > certificate checks at client side. > > Please help me out with the correct solution for the issue. > > Thanks > Susanta --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
