Skip to main content

How to handle 'SunCertPathBuilderException: unable to find valid certification path to requested target'

I have set up Atlassian Jira and set e-mail address for it. When I tried to sent test e-mail, I have faced with an error : SunCertPathBuilderException: unable to find valid certification path to requested target . After some search on Internet, I have found the following solution:

To retrieve an SSL certificate from remote server, use InstallCert.java. After compiling the file, run the command: java InstallCert mta.xxx.gov.tr:465. The run will fetch ssl certificate from specified port on the host:



Opening connection to mta.xxx.gov.tr:465...

Starting SSL handshake...

javax.net.ssl.SSLException: java.lang.UnsupportedOperationException
at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1884)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1842)
at sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1825)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1346)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323)
at InstallCert.main(InstallCert.java:91)

Caused by: java.lang.UnsupportedOperationException
at InstallCert$SavingTrustManager.getAcceptedIssuers(InstallCert.java:175)
at sun.security.ssl.AbstractTrustManagerWrapper.checkAlgorithmConstraints(SSLContextImpl.java:926)
at sun.security.ssl.AbstractTrustManagerWrapper.checkAdditionalTrust(SSLContextImpl.java:872)
at sun.security.ssl.AbstractTrustManagerWrapper.checkServerTrusted(SSLContextImpl.java:814)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1323)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:153)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:804)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339)

... 2 more

Server sent 3 certificate(s):
Choose one of the certificates to use. Type 1 to choose first. This process ends with this line:

Added certificate to keystore 'jssecacerts' using alias 'mta.xxx.gov.tr-1'
Now, in current directory, jssecacerts file has been created. The last thing to do is to copy it into $JAVA_HOME/jre/lib/security/ directory. As a result of final action, ssl certificate of the site will be trusted.

To see the effect on jira , make sure that JAVA_HOME variable of jira is same with the directory you use in this tutorial. Otherwise, jira will not be able to discover the changes.
Labels:
Location: Türkiye

Comments

Post a Comment

Popular posts from this blog

Integration of MuPDF Project as a Library into an Android Studio Project

I have needed to use MuPDF library in my android project. After some research, I have seen that there are many integration tutorials but, but integrated projects are developed on Eclipse. For projects on AndroidStudio+Gradle, there is no example. I mean there is no specific example which exactly refers to this issue. So, after achieving my goal, I want to share the steps publicly so that it can be reused by others.
27 comments
Read more

Migration from Proxmox to Openstack

I needed to migrate virtual machines in proxmox to openstack. VMs are in raw format. I needed to take some actions for a succesfull migration. I have perform all actions on Ubuntu 12.04 with virt-manager. qemu-kvm is installed. Here is the list of actions that I took: First, close the machine and copy the image file into your Ubuntu. Convert raw image to qcow2 format: qemu-img convert -O qcow2 image1.raw image1.qcow2 You need the image in qcow2 format for compatibility with openstack platform.  Open the converted image in virt-manager. Before opening, edit disk options. Under ' advanced options ' section, select ' qcow2 ' as ' storage forma t '. Start the virtual machine. You should see the login screen soon. (If you don't set storage format, vm will not find a bootable device. )   If everything is ok so far, close the vm. Take qcow2 image and upload it into glance. It may take time depending on size of it. After this process is completed, open a...
Post a Comment
Read more

How to avoid API-level warning of Android Studio

Before giving the solution, let's start with a scenario. setSelectionFromTop() is a new method in Android Lollipop API. This method is basically beneficial to precisely keep scroll state of a ListView. By keeping that info, a developer can go back to old scroll state after doing some operation like data set change. You are aware of API level and you do your control before you call this function: if (currentapiVersion >= Build.VERSION_CODES.LOLLIPOP) { srlistview.setSelectionFromTop(index, top); } But if project minSdk is set to a lower level (in this case it is 15), this warning will still be displayed in Android Studio:
3 comments
Read more