Skip to Content

Archived discussions are read-only. Learn more about SAP Q&A

Server certificate rejected by ChainVerifier

Hi,

I have written a java program for connecting to an HTTPS URL and get the response from the site.

The HTTPS URL works well when I typed the URL in browser. But the same URL is failing while connecting using my program. I am getting the following exception while connecting to my HTTPS page "iaik.security.ssl.SSLException: Server certificate rejected by ChainVerifier"

I am attaching the code below for your reference.

        String s = new String();
        s = "MyRequest=" + s;
        IAIK.addAsJDK14Provider(true);
        IAIK.addAsJDK14Provider();

        KeyStore keystore = Utils.getJavaDefaultKeystore();

        /* Giving "SUN version 1.5" as a provider */
        System.out.println("keystore provider:"+keystore.getProvider());

		 FileInputStream fis = new FileInputStream("mycertificatefile");
		 BufferedInputStream bis = new BufferedInputStream(fis);

		 CertificateFactory cf = CertificateFactory.getInstance("X.509");
		 Certificate cert = null;
		 while (bis.available() > 0) {
			cert = cf.generateCertificate(bis);
		 }

		 keystore.setCertificateEntry("service_ssl",cert);

        SecureConnectionFactory secureconnectionfactory = new SecureConnectionFactory(keystore);
        secureconnectionfactory.setIgnoreServerCertificate(false);
        HttpURLConnection httpurlconnection = secureconnectionfactory.createURLConnection(url);
        httpurlconnection.setRequestMethod("POST");
        BufferedWriter bufferedwriter = new BufferedWriter(new OutputStreamWriter(httpurlconnection.getOutputStream()));
        bufferedwriter.write(s, 0, s.length());
        bufferedwriter.close();
        Utils.setBasicAuthenticationHeader(httpurlconnection, user, password);
        try
        {
            httpurlconnection.connect();
        }
        catch(ConnectException connectexception)
        {
            error("Connection timeout");
            System.exit(1);
        }
        catch(Exception exception)
        {
            exception.printStackTrace();
            error("Connection exception");
            System.exit(1);
        }
        int i = httpurlconnection.getResponseCode();
        System.out.println("http Response Code = " + i);

If I pass the setIgnoreServerCertificate(true), then I am getting the following exception

java.io.IOException: Fatal SSL handshake error: java.lang.RuntimeException: Unable to create cipher AES/CBC/NoPadding: java.security.InvalidKeyException: Illegal key size

Thanks & Regards,

Santhosh.C

Not what you were looking for? View more on this topic or Ask a question