I am trying to use fiddler as a proxy for my java application that uses HTTPS connection. I had enabled proxy settings(HTTPS&Connections) on Fiddler and exported the Fiddler ROOT certificate successfully to my java keystore(cacerts). However when I run my application it is throwing following error:
Exception in thread "main" javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target<
br
>at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)<
br
>at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1908)<
br
>at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:293)<
br
>at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:287)<
br
>at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1333)<
br
>at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:154)<
br
>at sun.security.ssl.Handshaker.processLoop(Handshaker.java:906)<
br
>at sun.security.ssl.Handshaker.process_record(Handshaker.java:841)<
br
>at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1035)<
br
>at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1334)<
br
>at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1362)<
br
>at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1346)<
br
>at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)<
br
>at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)<
br
>at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1454)<
br
>at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1382)<
br
>at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)<
br
>at com.teknowmics.jcloudplugin.FiddlerConnectorTest.main(FiddlerConnectorTest.java:36)<
br
>Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target<
br
>at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:387)<
br
>at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)<
br
>at sun.security.validator.Validator.validate(Validator.java:260)<
br
>at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)<
br
>at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)<
br
>at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)<
br
>at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1315)<
br
>... 13 more<
br
>Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target<
br
>at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:144)<
br
>at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:130)<
br
>at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)<
br
>at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:382)<
br
>... 19 more
Sample code I used:
public static void main(String args[]) throws MalformedURLException, IOException {<
br
> System.setProperty("https.proxySet","true");<
br
> System.setProperty("https.proxyHost", "127.0.0.1");<
br
> System.setProperty("https.proxyPort", "8888");<
br
> System.setProperty("javax.net.ssl.trustStore", "d:\\SmartDocs\\installed\\jdk1.8.0Lambda\\jre\\lib\\security\\cacerts");<
br
> System.setProperty("javax.net.ssl.trustStorePassword", "changeit");<
br
> System.out.println("Trust store:"+System.getProperty("javax.net.ssl.trustStore"));<
br
> System.out.println("Trust store pwd:"+System.getProperty("javax.net.ssl.trustStorePassword"));<
br
> String https_url = "https://stackoverflow.com/questions/499591/are-https-urls-encrypted";<
br
> URL url;<
br
> url = new URL(https_url);<
br
> HttpsURLConnection con = (HttpsURLConnection) url.openConnection();<
br
> if(con!=null){<
br
> System.out.println("****** Content of the URL ********");<
br
> BufferedReader br =new BufferedReader(new InputStreamReader(con.getInputStream()));<
br
> String input;<
br
> while ((input = br.readLine()) != null){<
br
> System.out.println(input);<
br
> }<
br
> br.close();<
br
> }<
br
> }<
br
>