Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8320362

Load anchor certificates from Keychain keystore

XMLWordPrintable

    • b16
    • generic
    • os_x

      Simple HttpsURLConnection to https://github.com fails if use MacOS KeychainStore trustStore:

      java -Djavax.net.ssl.trustStoreType=KeychainStore HttpsURLConnectionTest https://github.com

      SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

      It happens because the user KeychainStore does not contain the required intermediate CA certificate and Apple Provider does not return Root certificates.

      On the other hand, Chrome and Safari apps successfully connect to github.com using MacOS KeychainStore

            abakhtin Alexey Bakhtin
            abakhtin Alexey Bakhtin
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:
              Resolved: