Fiddler as proxy for java giving -PKIX path building failed - error!!

1 posts, 0 answers
  1. Pratheesh
    Pratheesh avatar
    1 posts
    Member since:
    Jun 2017

    Posted 29 Jun 2017 Link to this post

    I am trying to use fiddler as a proxy for my java application that uses HTTPS connection. I had enabled proxy settings(HTTPS&Connections) on Fiddler and exported the Fiddler ROOT certificate successfully to my java keystore(cacerts). However when I run my application it is throwing following error:

    Exception in thread "main" javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target<br>at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)<br>at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1908)<br>at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:293)<br>at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:287)<br>at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1333)<br>at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:154)<br>at sun.security.ssl.Handshaker.processLoop(Handshaker.java:906)<br>at sun.security.ssl.Handshaker.process_record(Handshaker.java:841)<br>at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1035)<br>at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1334)<br>at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1362)<br>at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1346)<br>at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)<br>at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)<br>at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1454)<br>at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1382)<br>at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)<br>at com.teknowmics.jcloudplugin.FiddlerConnectorTest.main(FiddlerConnectorTest.java:36)<br>Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target<br>at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:387)<br>at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)<br>at sun.security.validator.Validator.validate(Validator.java:260)<br>at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)<br>at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)<br>at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)<br>at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1315)<br>... 13 more<br>Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target<br>at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:144)<br>at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:130)<br>at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)<br>at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:382)<br>... 19 more

    Sample code I used:

    public static void main(String args[]) throws MalformedURLException, IOException {<br>        System.setProperty("https.proxySet","true");<br>        System.setProperty("https.proxyHost", "127.0.0.1");<br>        System.setProperty("https.proxyPort", "8888");<br>        System.setProperty("javax.net.ssl.trustStore", "d:\\SmartDocs\\installed\\jdk1.8.0Lambda\\jre\\lib\\security\\cacerts");<br>        System.setProperty("javax.net.ssl.trustStorePassword", "changeit");<br>        System.out.println("Trust store:"+System.getProperty("javax.net.ssl.trustStore"));<br>        System.out.println("Trust store pwd:"+System.getProperty("javax.net.ssl.trustStorePassword"));<br>        String https_url = "https://stackoverflow.com/questions/499591/are-https-urls-encrypted";<br>        URL url;<br>        url = new URL(https_url);<br>        HttpsURLConnection con = (HttpsURLConnection) url.openConnection();<br>        if(con!=null){<br>   System.out.println("****** Content of the URL ********");<br>   BufferedReader br =new BufferedReader(new InputStreamReader(con.getInputStream()));<br>   String input;<br>   while ((input = br.readLine()) != null){<br>      System.out.println(input);<br>   }<br>   br.close();<br>       }<br>    }<br>

     

Back to Top