Ask Questions and Find Answers
Important:
Ask is now read-only. You can review any existing questions and answers, but not add anything new.
But - don't panic! While ask is no more, we've replaced it with discuss - the new Liferay Discussion Forum! Read more here here or just visit the site here:
discuss.liferay.com
RE: Liferay 7.2 REST API related SunCertPathBuilderException.
Hi,
I created REST API in liferay 7.2I tried to call the API using .
byte[] encodedAuth = Base64.encodeBase64(
auth.getBytes(StandardCharsets.ISO_8859_1));
String authHeader = "Basic " + new String(encodedAuth);
HttpGet get = new HttpGet(url);
get.setHeader(HttpHeaders.AUTHORIZATION, authHeader);
get.setHeader("Content-Type", "application/x-www-form-urlencoded");
HttpClient client = HttpClientBuilder.create().build(); HttpResponse response = client.execute(get);
I am getting this error. Could you please help me how to resolve the issue.
2020-06-24 11:22:46.895 ERROR [ajp-nio-8009-exec-10][render_portlet_jsp:131] null
sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:445)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:317)
at sun.security.validator.Validator.validate(Validator.java:262)
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:330)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:227)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:132)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1671)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:226)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1082)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:1010)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1079)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1388)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1416)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1400)
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:436)
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:384)
at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142)
I created REST API in liferay 7.2I tried to call the API using .
byte[] encodedAuth = Base64.encodeBase64(
auth.getBytes(StandardCharsets.ISO_8859_1));
String authHeader = "Basic " + new String(encodedAuth);
HttpGet get = new HttpGet(url);
get.setHeader(HttpHeaders.AUTHORIZATION, authHeader);
get.setHeader("Content-Type", "application/x-www-form-urlencoded");
HttpClient client = HttpClientBuilder.create().build(); HttpResponse response = client.execute(get);
I am getting this error. Could you please help me how to resolve the issue.
2020-06-24 11:22:46.895 ERROR [ajp-nio-8009-exec-10][render_portlet_jsp:131] null
sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:445)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:317)
at sun.security.validator.Validator.validate(Validator.java:262)
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:330)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:227)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:132)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1671)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:226)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1082)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:1010)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1079)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1388)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1416)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1400)
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:436)
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:384)
at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142)
Just to clarify my assumptions:
You have a Liferay server which is configured to use SSL (either directly in Tomcat or using an Apache reverse proxy). You have a client application that tries to access that server.
Do you have a self signed certificate in your server? Than you need to import the relevant root certificate in the certstore of your client.
If you have bought a certificate from some vendor, you can have either misconfigured it in the server e.g. by forgetting to add the intermediate certificate to complete the chain (there are online tests for that, if your server is in the internet, you can test e.g. with https://www.ssllabs.com/ssltest/ , something I would recommend to do anyway!). I am sure, there are other test tools out there.
If the server is fine, you probably have a certificate chain issue in the client. Maybe the certificate store is not up to date and doesn't recognize your vendor.
Since there are many paths that lead to that error, you need to narrow it down to get better hints.
You have a Liferay server which is configured to use SSL (either directly in Tomcat or using an Apache reverse proxy). You have a client application that tries to access that server.
Do you have a self signed certificate in your server? Than you need to import the relevant root certificate in the certstore of your client.
If you have bought a certificate from some vendor, you can have either misconfigured it in the server e.g. by forgetting to add the intermediate certificate to complete the chain (there are online tests for that, if your server is in the internet, you can test e.g. with https://www.ssllabs.com/ssltest/ , something I would recommend to do anyway!). I am sure, there are other test tools out there.
If the server is fine, you probably have a certificate chain issue in the client. Maybe the certificate store is not up to date and doesn't recognize your vendor.
Since there are many paths that lead to that error, you need to narrow it down to get better hints.
Thank you so much.I found its some project internal badge issue for SSL certificate which i need to add.This is almost the 5th time that i resolved my issues only because of the replies i got from liferay team.Especially liferay DXP issues Liferay forums is the only hope. Finally resolved.Thank you.
Copyright © 2025 Liferay, Inc
• Privacy Policy
Powered by Liferay™