Skip to Main Content
Forums

Java Security

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

System.setProperty() doesn't seem to take new keystore

843811Feb 15 2008 — edited May 29 2008
Hi,

I've spent a few hours hunting around on google and can't seem to find a solution to my problem so hopefully someone here can help.

I've written a simulator for people at work that tests HTTPS connections using .jks keystores. Each time they make a request they pass in a few basic variables like IP Address and Port number etc but also the keystore file to use.

The first HTTPS request always works fine, assuming they've passed in the correct keystore, but if they then change the keystore and point to another server it fails even if using the correct keystore. Here is the part of the code where the keystore is set.
public HttpsURLConnection getHTTPSRequest(URL url) throws IOException {
		System.setProperty("javax.net.ssl.trustStore", ToolWindow.sHTTPSKeystoreLocation);
		System.setProperty("javax.net.ssl.keyStoreType", "JKS");
		System.out.println(ToolWindow.sHTTPSKeystoreLocation);
		System.out.println(System.getProperty("javax.net.ssl.trustStore"));
		HttpsURLConnection httpsURL = (HttpsURLConnection)url.openConnection();
		httpsURL.setHostnameVerifier(new HostnameVerifier()
		{      
			public boolean verify(String hostname, SSLSession session)
			{
				return true;
			}
		});
		httpsURL.setRequestProperty("Content-Type","text/xml");
		httpsURL.setDoOutput(true);
		httpsURL.setDoInput(true);
		httpsURL.setConnectTimeout(iConnectTimeout);
		httpsURL.setReadTimeout(iReadTimeout);
		return httpsURL;
	}
The System.out.println output always shows the correct keystore that's being passed in but the following exception gets thrown:

nested exception is:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

I know the path and certificate are good because if I restart the application and put in the same values it works but each time I change the keystore it stops working. It seems like System.setProperty() isn't using the new keystore supplied when making the connection but then my System.out.println output would show that surely.

Any help would be appreciated.

Thanks.
Comments
Locked Post
New comments cannot be posted to this locked post.
Post Details
Locked on Jun 26 2008
Added on Feb 15 2008
#java-secure-socket-extension-jsse
6 comments
1,803 views