srikanthsrigir…

SunCertPathBuilderException: unable to find validcertification path to requested

Wednesday, October 19, 2016 at 11:28pm
0 votes
Hi I am trying to use REST Web service for Integration using Java. So i have pulled the "CreateAndSendPackageREST.java" from Developer Blog and updated the .PDF file location and executed the program. It has given the below SSL Error. Is there prerequisite of having Certificate for Integrating with Silanis. Exception in thread "main" javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1904) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:279) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:273) at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1446) at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:209) at sun.security.ssl.Handshaker.processLoop(Handshaker.java:901) at sun.security.ssl.Handshaker.process_record(Handshaker.java:837) at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1023) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332) at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359) at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343) at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563) at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1092) at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250) at oracle.silanis.HelloWorld.Sample.main(Sample.java:36) Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385) at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292) at sun.security.validator.Validator.validate(Validator.java:260) at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326) at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231) at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126) at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1428) ... 12 more Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196) at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:268) at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380) ... 18 more Process exited with exit code 1. Any pointers for this would be of great help. Thanks In Advance. Regards, Srikanth Srigiri.
Approved Answer
srikanthsrigir…

Reply to: SunCertPathBuilderException: unable to find validcertification path to requested

Wednesday, October 26, 2016 at 08:49pm
0 votes
Hi Haris, Updated source code worked. Thanks a million. Regards, Srikanth Srigiri.
harishaidary

Reply to: SunCertPathBuilderException: unable to find validcertification path to requested

Thursday, October 20, 2016 at 04:24am
0 votes
Hi Srikanth, Do you have an on-premise installation of eSignLive? Have you tried this on an environment with a non-self-signed SSL cert on the Front End? If so and it still isn't working try adding the root and intermediate certs from the CA to the trust store used by your JVM. http://docs.esignlive.com/content/c_integrator_s_guide/sdk/system_requirements_for_integration.htm
Haris Haidary OneSpan Technical Consultant
srikanthsrigir…

Reply to: SunCertPathBuilderException: unable to find validcertification path to requested

Friday, October 21, 2016 at 02:30am
0 votes
Hi Haris, Thanks for the quick reply. I am developer from Oracle, we have Silanis integrated with one of our product using SOAP/XML. Now we want to move on to REST Web Services. We don;t have on-premise installation and Believe , we use it as SAAS model. As I don;t have any On premise installation, do I still need you generate the SSL key. If yes can you please share the list of pre-requisites to integrate using REST API . Thanks, Srikanth Srigiri.
harishaidary

Reply to: SunCertPathBuilderException: unable to find validcertification path to requested

Friday, October 21, 2016 at 04:32am
0 votes
Try adding the certificate I posted above to your java store as a trusted certificate, see if it works. Normally, saas users do not need any certificates. I'm not sure why it's asking for you for a certificate. Could you share a bit more about your setup (e.g. environment, firewall, etc..)?
Haris Haidary OneSpan Technical Consultant
srikanthsrigir…

Reply to: SunCertPathBuilderException: unable to find validcertification path to requested

Tuesday, October 25, 2016 at 11:53pm
0 votes
Hi Haris, Thanks for the clarification. Some of the Same programs shared in Silanis Developer BLOG worked after update code with APIKey and proxy settings System.setProperty("https.proxyHost", "www-xxxxx.xx.oracle.com"); System.setProperty("https.proxyPort", "80"); But the sample "CreateAndSendPackageREST" is returning 400 as response code. 400 Exception in thread "main" java.io.IOException: Server returned HTTP response code: 400 for URL: https://sandbox.esignlive.com/api/packages/ at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) at java.lang.reflect.Constructor.newInstance(Constructor.java:526) at sun.net.www.protocol.http.HttpURLConnection$6.run(HttpURLConnection.java:1676) at sun.net.www.protocol.http.HttpURLConnection$6.run(HttpURLConnection.java:1674) at java.security.AccessController.doPrivileged(Native Method) at sun.net.www.protocol.http.HttpURLConnection.getChainedException(HttpURLConnection.java:1672) at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1245) at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254) at oracle.silanis.SimpleCreateAndSendREST.main(SimpleCreateAndSendREST.java:71) Caused by: java.io.IOException: Server returned HTTP response code: 400 for URL: https://sandbox.esignlive.com/api/packages/ at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1627) at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:468) at sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(HttpsURLConnectionImpl.java:338) at oracle.silanis.SimpleCreateAndSendREST.main(SimpleCreateAndSendREST.java:67) Process exited with exit code 1. Source is same as downloaded, except that i have added System.setProperty() for proxy and updated APIKey Is this sample still valid. Do I need to do some changes w.r.t to package creation. Any pointers would be of great help. Regards, Srikanth Srigiri.
harishaidary

Reply to: SunCertPathBuilderException: unable to find validcertification path to requested

Wednesday, October 26, 2016 at 03:57am
0 votes
I tried running the quick start guide and I am getting the same error. Not sure why the code doesn't work anymore. I'll look into it and get back to you with a fix.
Haris Haidary OneSpan Technical Consultant
harishaidary

Reply to: SunCertPathBuilderException: unable to find validcertification path to requested

Wednesday, October 26, 2016 at 05:48am
0 votes
Hey Srikanth, I finally figured it out. There was an issue with the json payload. The "lastName" field was missing. I will go ahead and update the quick start guide. I also updated the code to catch any errors. Here's the working code: 
package example.codes;

import java.io.BufferedReader;

import java.io.File;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.io.OutputStreamWriter;
import java.io.PrintWriter;
import java.net.HttpURLConnection;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URLConnection;
import java.nio.file.Files;

import javax.net.ssl.HttpsURLConnection;

public class CreateAndSendPackageRest {

	public static void main(String[] args) throws MalformedURLException, IOException {

		HttpsURLConnection connection = null;

		String requestURL = "https://sandbox.esignlive.com/api/packages";
		String apiKey = "api_key";
		String charset = "UTF-8";
		File uploadFile1 = new File("C:/Users/hhaidary/Desktop/PDFs/doc1.pdf");
		String boundary = Long.toHexString(System.currentTimeMillis());
		String CRLF = "\r\n"; // Line separator used in multipart/form-data.
		String jsonContent = "{\"roles\":[{\"locked\":false,\"emailMessage\":{\"content\":\"\"},\"attachmentRequirements\":[],\"reassign\":false,\"specialTypes\":[],\"id\":\"Sender\",\"data\":null,\"type\":\"SIGNER\",\"index\":0,\"signers\":[{\"auth\":{\"challenges\":[],\"scheme\":\"NONE\"},\"company\":\"Silanis\",\"firstName\":\"yourFirst\",\"lastName\":\"yourLast\",\"phone\":\"\",\"email\":\"[email protected]\",\"knowledgeBasedAuthentication\":null,\"language\":\"en\",\"title\":\"Silanis\",\"external\":null,\"professionalIdentityFields\":[],\"userCustomFields\":[],\"delivery\":{\"email\":true,\"provider\":false,\"download\":true},\"group\":null,\"signature\":null,\"address\":null,\"data\":null,\"name\":\"\",\"specialTypes\":[]}],\"name\":\"Sender\"},{\"locked\":false,\"emailMessage\":{\"content\":\"\"},\"attachmentRequirements\":[],\"reassign\":false,\"specialTypes\":[],\"id\":\"Signer\",\"data\":null,\"type\":\"SIGNER\",\"index\":0,\"signers\":[{\"auth\":{\"challenges\":[],\"scheme\":\"NONE\"},\"company\":\"\",\"firstName\":\"signerFirst\",\"lastName\":\"signerLast\",\"phone\":\"\",\"email\":\"[email protected]\",\"knowledgeBasedAuthentication\":null,\"language\":\"en\",\"title\":\"\",\"external\":null,\"professionalIdentityFields\":[],\"userCustomFields\":[],\"delivery\":{\"email\":false,\"provider\":false,\"download\":false},\"group\":null,\"id\":\"Signer\",\"signature\":null,\"address\":null,\"data\":null,\"name\":\"\",\"specialTypes\":[]}],\"name\":\"Signer\"}],\"documents\": [{\"approvals\":[{\"role\":\"Signer\",\"signed\":null,\"accepted\":null,\"data\":null,\"fields\":[{\"page\":0,\"subtype\":\"FULLNAME\",\"width\":200,\"binding\":null,\"extract\":false,\"extractAnchor\":null,\"left\":175,\"top\":165,\"validation\":null,\"height\":50,\"data\":null,\"type\":\"SIGNATURE\",\"value\":\"\"}],\"name\":\"\"},{\"role\":\"Sender\",\"signed\":null,\"accepted\":null,\"data\":null,\"fields\":[{\"page\":0,\"subtype\":\"FULLNAME\",\"width\":200,\"binding\":null,\"extract\":false,\"extractAnchor\":null,\"left\":550,\"top\":165,\"validation\":null,\"height\":50,\"data\":null,\"type\":\"SIGNATURE\",\"value\":\"\"}],\"name\":\"\"}],\"name\": \"sampleAgreement\"}],\"name\": \"Test Package REST\", \"type\":\"PACKAGE\", \"language\":\"en\", \"emailMessage\":\"\", \"description\":\"New Package\",\"autoComplete\":true,\"status\":\"SENT\"}";

		URL url = new URL(requestURL);
		connection = (HttpsURLConnection) url.openConnection();
		connection.setDoOutput(true);
		connection.setDoInput(true);
		connection.setRequestMethod("POST");
		connection.setRequestProperty("Content-Type", "multipart/form-data; boundary=" + boundary);
		connection.setRequestProperty("Authorization", "Basic " + apiKey);
		connection.setRequestProperty("Accept", "application/json; esl-api-version=11.0");
		OutputStream output = connection.getOutputStream();
		PrintWriter writer = new PrintWriter(new OutputStreamWriter(output, charset), true);

		try {

			// Add pdf file.
			writer.append("--" + boundary).append(CRLF);
			writer.append("Content-Disposition: form-data; name=\"file\"; filename=\"" + uploadFile1.getName() + "\"")
					.append(CRLF);
			writer.append("Content-Type: " + URLConnection.guessContentTypeFromName(uploadFile1.getName()))
					.append(CRLF);
			writer.append("Content-Transfer-Encoding: application/pdf").append(CRLF);
			writer.append(CRLF).flush();
			Files.copy(uploadFile1.toPath(), output);
			output.flush();
			writer.append(CRLF).flush();

			// add json payload
			writer.append("--" + boundary).append(CRLF);
			writer.append("Content-Disposition: form-data; name=\"payload\"").append(CRLF);
			writer.append("Content-Type: application/json; charset=" + charset).append(CRLF);
			writer.append(CRLF).append(jsonContent).append(CRLF).flush();

			// End of multipart/form-data.
			writer.append("--" + boundary + "--").append(CRLF).flush();
		} catch (IOException ex) {
			System.err.println(ex);
		}

		// get and write out response code
		int responseCode = ((HttpURLConnection) connection).getResponseCode();
		System.out.println(responseCode);

		if (responseCode == 200) {

			// get and write out response
			BufferedReader in = new BufferedReader(new InputStreamReader(connection.getInputStream()));
			String inputLine;
			StringBuffer response = new StringBuffer();

			while ((inputLine = in.readLine()) != null) {
				response.append(inputLine);
			}
			in.close();

			// print result
			System.out.println(response.toString());

		} else {

			// get and write out response
			BufferedReader in = new BufferedReader(new InputStreamReader(connection.getErrorStream()));
			String inputLine;
			StringBuffer response = new StringBuffer();

			while ((inputLine = in.readLine()) != null) {
				response.append(inputLine);
			}
			in.close();

			// print result
			System.out.println(response.toString());

		}
	}
}
Don't forget to replace the api_key placeholder with your own value. Let me know if the code above works for you.
Haris Haidary OneSpan Technical Consultant
harishaidary

Reply to: SunCertPathBuilderException: unable to find validcertification path to requested

Thursday, October 27, 2016 at 03:55am
0 votes
Good to hear =]
Haris Haidary OneSpan Technical Consultant
Shashikant

Reply to: SunCertPathBuilderException: unable to find validcertification path to requested

Monday, September 28, 2020 at 10:25pm
0 votes

Hello, I am getting same error when I am initiating REST service from Pega. Do I need to install any certificate? Link give above by Harish is not opening now, seems URl has changed. Can anyone help me with it?

Exceptioncom.pega.pegarules.pub.services.ConnectorException: Caught unhandled exception: java.lang.RuntimeException: javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.h: PKIX path building failed: com.ibm.security.cert.IBMCertPathBuilderException: unable to find valid certification path to requested target

Duo_Liang

Reply to:

Tuesday, September 29, 2020 at 12:57pm
0 votes

Hi Shashikant,

 

You can find and download the latest leaf certificates for all environments in this document, or simply download the root certificate "GlobalSign Root CA -R3", here. Let me know if this solved the exception.

 

Duo

 

 

Duo Liang OneSpan Evangelism and Partner Integrations Developer

Hello! Looks like you're enjoying the discussion, but haven't signed up for an account.

When you create an account, we remember exactly what you've read, so you always come right back where you left off

LoginSign Up