I’ve had this https connection problem from my java client to other https server.
sun.security.validator.ValidatorException: PKIX path validation failed:
apparently the problem lies on invalid https certificate on https server i want to access.
for simple https connection testing from java client you can use this small java class : sslPoke
https://confluence.atlassian.com/download/attachments/779355358/SSLPoke.class?version=1&modificationDate=1441897666313&api=v2
after downloading above class, just go to the directory where you put SSLPoke.class and run this command
java SSLPoke google.com 443
*replace google.com and port with https server and port you want to test
if there is no problem with your https connection you’ll get
connection successfull response
pi@raspberrypi /home $ java SSLPoke google.com 443
Successfully connected
otherwise youll get exception error printed
for example i test against tomcat https server with self-signed certificate created using keytool
java SSLPoke 10.10.133.194 8443
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:387)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
at sun.security.validator.Validator.validate(Validator.java:260)
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1491)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:914)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:747)
at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:123)
at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:138)
at SSLPoke.main(SSLPoke.java:31)
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:146)
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:131)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:382)
Some https problem require you to import certificate used on https server to your java (client) keystore.
after importing the certificate from the server (to client), we can execute this java command to access the https server
pi@raspberrypi /home $ java -Djavax.net.ssl.trustStore=/home/apps/serverapps/tomcat7/keys/.keystore SSLPoke 10.2.133.194 8443
Successfully connected