SSL “Peer Not Authenticated” error with HttpClient 4.1

by

If the server’s certificate is self-signed, then this is working as designed and you will have to import the server’s certificate into your keystore.

Assuming the server certificate is signed by a well-known CA, this is happening because the set of CA certificates available to a modern browser is much larger than the limited set that is shipped with the JDK/JRE.

The EasySSL solution given in one of the posts you mention just buries the error, and you won’t know if the server has a valid certificate.

You must import the proper Root CA into your keystore to validate the certificate. There’s a reason you can’t get around this with the stock SSL code, and that’s to prevent you from writing programs that behave as if they are secure but are not.

More Related Contents:

  1. Received fatal alert: handshake_failure through SSLHandshakeException
  2. Java: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
  3. How to fix the “java.security.cert.CertificateException: No subject alternative names present” error?
  4. How to ignore PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException?
  5. HttpGet with HTTPS : SSLPeerUnverifiedException
  6. Java SSL: how to disable hostname verification
  7. Caused by: java.security.UnrecoverableKeyException: Cannot recover key
  8. javax.net.ssl.SSLPeerUnverifiedException: Host name does not match the certificate subject provided by the peer
  9. Java7 Refusing to trust certificate in trust store
  10. Android SSL HttpGet (No peer certificate) error OR (Connection closed by peer) error
  11. Java: Loading SSL Keystore via a resource
  12. How Can I Access an SSL Connection Through Android?
  13. Java Keytool error after importing certificate , “keytool error: java.io.FileNotFoundException & Access Denied”
  14. Ignore self-signed ssl cert using Jersey Client [duplicate]
  15. why doesn’t java send the client certificate during SSL handshake?
  16. How to ignore SSL certificate errors in Apache HttpClient 4.0
  17. Import PEM into Java Key Store
  18. limiting java ssl debug logging
  19. Read RSA private key of format PKCS1 in JAVA
  20. How to force java server to accept only tls 1.2 and reject tls 1.0 and tls 1.1 connections
  21. How to bypass ssl certificate checking in java
  22. Changing OpenSSL library in Android app for HttpClient
  23. Jenkins “unable to find valid certification path to requested target” error while importing Git repository
  24. GZip POST request with HTTPClient in Java
  25. Generate certificates, public and private keys with Java [closed]
  26. Using HTTPS with REST in Java
  27. SSLContext initialization
  28. How to configure trustStore for javax.net.ssl.trustStore on windows?
  29. Using Apache httpclient for https
  30. PKIX path building failed in Eclipse

Leave a Comment