spring - SSLHandshakeException when authenticating with Linkedin -


i'm having issues authenticating linkedin using spring social.

so far, can open form on http://localhost:8080/signin on server, click on link auth/linkedin redirects https://www.linkedin.com/uas/oauth2/authorization?..., after allowing access, redirects http://localhost:8080/auth/linkedin?.... @ point, server posts https://www.linkedin.com/uas/oauth2/accesstoken, fails with:

sun.security.validator.validatorexception: pkix path building failed: sun.security.provider.certpath.suncertpathbuilderexception: unable find valid certification path requested target; nested exception javax.net.ssl.sslhandshakeexception: sun.security.validator.validatorexception: pkix path building failed: sun.security.provider.certpath.suncertpathbuilderexception: unable find valid certification path requested target ... caused by: javax.net.ssl.sslhandshakeexception: sun.security.validator.validatorexception: pkix path building failed: sun.security.provider.certpath.suncertpathbuilderexception: unable find valid certification path requested target ... caused by: sun.security.validator.validatorexception: pkix path building failed: sun.security.provider.certpath.suncertpathbuilderexception: unable find valid certification path requested target ... caused by: sun.security.provider.certpath.suncertpathbuilderexception: unable find valid certification path requested target 

i'm far expert when comes certificates. far can tell, linkedins certificate being rejected. in order accepted, either linkedins certificate, or certificate of certificate authority issued it, have in trust store.

the error indicates have neither. 1 solution seems to import certificate of certificate authority trust store.

this seems bad practice. assume talking linkedin, point of chain of trust not assume prove someones identify, , in case hasn't happened. if assume if are, certificate loses value.

also, seems shouldn't getting error in first place. haven't found other people having issues linkedin , find hard believe wouldn't use recognized certificate authority. root cause of issue?

as said have add ssl certificates of resources consuming jvm's keystore (you can download certificates using browser). here post showing how proceed way. alternative disable ssl validation adding bean:

@bean public boolean disablesslvalidation() throws exception {  final sslcontext sslcontext = sslcontext.getinstance("tls");  sslcontext.init(null, new x509trustmanager[]{new x509trustmanager() {      public void checkclienttrusted(x509certificate[] x509certificates, string s) throws certificateexception {     }      public void checkservertrusted(x509certificate[] x509certificates, string s) throws certificateexception {     }      @override     public void checkclienttrusted(java.security.cert.x509certificate[] x509certificates, string s) throws java.security.cert.certificateexception {      }      @override     public void checkservertrusted(java.security.cert.x509certificate[] x509certificates, string s) throws java.security.cert.certificateexception {      }      public java.security.cert.x509certificate[] getacceptedissuers() {         return new java.security.cert.x509certificate[0];     } }}, null);  httpsurlconnection.setdefaultsslsocketfactory(sslcontext.getsocketfactory()); httpsurlconnection.setdefaulthostnameverifier(new hostnameverifier() {     public boolean verify(string hostname, sslsession session) {         return true;     } });  return true; } 

consider of these alternatives best suits needs.


Comments

Popular posts from this blog

php - Vagrant up error - Uncaught Reflection Exception: Class DOMDocument does not exist -

vue.js - Create hooks for automated testing -

Add new key value to json node in java -