Skip to Main Content

DevOps, CI/CD and Automation

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Ignore/disable certificate check for REST java calls

Tianwei Huang-OracleJun 22 2016 — edited Jun 22 2016

Hi,

I am currently using RestServiceAdapter to make REST api calls in my java class. And it sometimes bumps into the problem of certificate invalid error like this:

ERROR [oracle.adfmf.framework.exception.AdfException] - sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

06-22 11:26:52.139  2535  2579 D JVM     :     at oracle.adfmf.dc.ws.rest.RestTransportLayer.sendReceiveBytes(Unknown Source)

06-22 11:26:52.139  2535  2579 D JVM     :     at oracle.adfmf.dc.ws.rest.RestTransportLayer.sendReceive(Unknown Source)

06-22 11:26:52.139  2535  2579 D JVM     :     at oracle.adfmf.dc.ws.rest.RestServiceAdapterImpl.sendReceive(Unknown Source)

06-22 11:26:52.139  2535  2579 D JVM     :     at oracle.adfmf.dc.ws.rest.RestServiceAdapterImpl.send(Unknown Source)

I have tried several ways to solve this. I have tried to set Dcom.sun.net.ssl.checkRevocation to false in life cycle listener's start function but it didn't work. I also tried to use the following function to overwrite the default hostname checker by adding static javax.net.ssl.HttpsURLConnection.setDefaultHostnameVerifier, but that didn't work as well. My app let the user add URL for REST calls at run time, so it is also not possible for me to add all certificates to jvm in development time. So I was wondering if there is a way for me to turn off the ssl security check in java/maf?

Any suggestions or advice are greatly appreciated.

Thanks,

Tianwei

Comments
Post Details
Added on Jun 22 2016
0 comments
1,007 views