-
Bug
-
Resolution: Not an Issue
-
P4
-
None
-
8u144
-
x86_64
-
windows_7
FULL PRODUCT VERSION :
java version "1.8.0_144"
Java(TM) SE Runtime Environment (build 1.8.0_144-b01)
Java HotSpot(TM) 64-Bit Server VM (build 25.144-b01, mixed mode)
ADDITIONAL OS VERSION INFORMATION :
Microsoft Windows [Version 6.1.7601]
A DESCRIPTION OF THE PROBLEM :
While opening a HTTPS connection to the server https://www.gdi-nordosthessen.de we get the folloing exception:
Exception in thread "main" javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
Browsers (e.g. Firefox) accept this URL without any error.
The root certificate is GlobalSign Root R3.
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
Open a URLConnection to the following URL:
https://www.gdi-nordosthessen.de/ws/wms/vs_plu_bplan_waldkappel/ows.wms?Bbox=560839.44476875%2C5665951.483658333%2C562430.0954270834%2C5666827.3968375&Format=image%2Fpng&Height=913&layer_id=41384&Layers=BP_636012_2233_032_000&PHPSESSID=ajlacrg275v7d10i8jipc7leh0&REQUEST=GetMap&SERVICE=WMS&Srs=EPSG%3A25832&Styles=&Transparent=TRUE&VERSION=1.1.1&Width=1658
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
Connection opens without exception and I can read the data.
ACTUAL -
Exception occurs
ERROR MESSAGES/STACK TRACES THAT OCCUR :
Exception in thread "main" javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1959)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1514)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1026)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:961)
REPRODUCIBILITY :
This bug can be reproduced always.
---------- BEGIN SOURCE ----------
URL url = new URL("https://www.gdi-nordosthessen.de/ws/wms/vs_plu_bplan_waldkappel/ows.wms?Bbox=560839.44476875%2C5665951.483658333%2C562430.0954270834%2C5666827.3968375&Format=image%2Fpng&Height=913&layer_id=41384&Layers=BP_636012_2233_032_000&PHPSESSID=ajlacrg275v7d10i8jipc7leh0&REQUEST=GetMap&SERVICE=WMS&Srs=EPSG%3A25832&Styles=&Transparent=TRUE&VERSION=1.1.1&Width=1658");
try (InputStream inputStream = url.openConnection().getInputStream()) {
inputStream.read();
}
---------- END SOURCE ----------
CUSTOMER SUBMITTED WORKAROUND :
Add the certificate of this server as a trusted to the default Java keystore or set a TrustManager that accepts this certificate.
java version "1.8.0_144"
Java(TM) SE Runtime Environment (build 1.8.0_144-b01)
Java HotSpot(TM) 64-Bit Server VM (build 25.144-b01, mixed mode)
ADDITIONAL OS VERSION INFORMATION :
Microsoft Windows [Version 6.1.7601]
A DESCRIPTION OF THE PROBLEM :
While opening a HTTPS connection to the server https://www.gdi-nordosthessen.de we get the folloing exception:
Exception in thread "main" javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
Browsers (e.g. Firefox) accept this URL without any error.
The root certificate is GlobalSign Root R3.
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
Open a URLConnection to the following URL:
https://www.gdi-nordosthessen.de/ws/wms/vs_plu_bplan_waldkappel/ows.wms?Bbox=560839.44476875%2C5665951.483658333%2C562430.0954270834%2C5666827.3968375&Format=image%2Fpng&Height=913&layer_id=41384&Layers=BP_636012_2233_032_000&PHPSESSID=ajlacrg275v7d10i8jipc7leh0&REQUEST=GetMap&SERVICE=WMS&Srs=EPSG%3A25832&Styles=&Transparent=TRUE&VERSION=1.1.1&Width=1658
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
Connection opens without exception and I can read the data.
ACTUAL -
Exception occurs
ERROR MESSAGES/STACK TRACES THAT OCCUR :
Exception in thread "main" javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1959)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1514)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1026)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:961)
REPRODUCIBILITY :
This bug can be reproduced always.
---------- BEGIN SOURCE ----------
URL url = new URL("https://www.gdi-nordosthessen.de/ws/wms/vs_plu_bplan_waldkappel/ows.wms?Bbox=560839.44476875%2C5665951.483658333%2C562430.0954270834%2C5666827.3968375&Format=image%2Fpng&Height=913&layer_id=41384&Layers=BP_636012_2233_032_000&PHPSESSID=ajlacrg275v7d10i8jipc7leh0&REQUEST=GetMap&SERVICE=WMS&Srs=EPSG%3A25832&Styles=&Transparent=TRUE&VERSION=1.1.1&Width=1658");
try (InputStream inputStream = url.openConnection().getInputStream()) {
inputStream.read();
}
---------- END SOURCE ----------
CUSTOMER SUBMITTED WORKAROUND :
Add the certificate of this server as a trusted to the default Java keystore or set a TrustManager that accepts this certificate.