spring - SSLHandshakeException when authenticating with Linkedin -


i'm having issues authenticating linkedin using spring social.

so far, can open form on http://localhost:8080/signin on server, click on link auth/linkedin redirects https://www.linkedin.com/uas/oauth2/authorization?..., after allowing access, redirects http://localhost:8080/auth/linkedin?.... @ point, server posts https://www.linkedin.com/uas/oauth2/accesstoken, fails with:

sun.security.validator.validatorexception: pkix path building failed: sun.security.provider.certpath.suncertpathbuilderexception: unable find valid certification path requested target; nested exception javax.net.ssl.sslhandshakeexception: sun.security.validator.validatorexception: pkix path building failed: sun.security.provider.certpath.suncertpathbuilderexception: unable find valid certification path requested target ... caused by: javax.net.ssl.sslhandshakeexception: sun.security.validator.validatorexception: pkix path building failed: sun.security.provider.certpath.suncertpathbuilderexception: unable find valid certification path requested target ... caused by: sun.security.validator.validatorexception: pkix path building failed: sun.security.provider.certpath.suncertpathbuilderexception: unable find valid certification path requested target ... caused by: sun.security.provider.certpath.suncertpathbuilderexception: unable find valid certification path requested target

i'm far expert when comes certificates. far can tell, linkedins certificate being rejected. in order accepted, either linkedins certificate, or certificate of certificate authority issued it, have in trust store.

the error indicates have neither. 1 solution seems to import certificate of certificate authority trust store.

this seems bad practice. assume talking linkedin, point of chain of trust not assume prove someones identify, , in case hasn't happened. if assume if are, certificate loses value.

also, seems shouldn't getting error in first place. haven't found other people having issues linkedin , find hard believe wouldn't use recognized certificate authority. root cause of issue?

as said have add ssl certificates of resources consuming jvm's keystore (you can download certificates using browser). here post showing how proceed way. alternative disable ssl validation adding bean:

@bean public boolean disablesslvalidation() throws exception {  final sslcontext sslcontext = sslcontext.getinstance("tls");  sslcontext.init(null, new x509trustmanager[]{new x509trustmanager() {      public void checkclienttrusted(x509certificate[] x509certificates, string s) throws certificateexception {     }      public void checkservertrusted(x509certificate[] x509certificates, string s) throws certificateexception {     }      @override     public void checkclienttrusted(java.security.cert.x509certificate[] x509certificates, string s) throws java.security.cert.certificateexception {      }      @override     public void checkservertrusted(java.security.cert.x509certificate[] x509certificates, string s) throws java.security.cert.certificateexception {      }      public java.security.cert.x509certificate[] getacceptedissuers() {         return new java.security.cert.x509certificate[0];     } }}, null);  httpsurlconnection.setdefaultsslsocketfactory(sslcontext.getsocketfactory()); httpsurlconnection.setdefaulthostnameverifier(new hostnameverifier() {     public boolean verify(string hostname, sslsession session) {         return true;     } });  return true; }

consider of these alternatives best suits needs.


Comments

Post a Comment

Popular posts from this blog

php - Vagrant up error - Uncaught Reflection Exception: Class DOMDocument does not exist -

i've set bento/ubuntu-16.04 vagrant box using php 5.6, , getting following error quite few times when try , run shell script: "uncaught reflection exception: class domdocument not exist". i've tried adding following top of script (not together), each no success: "sudo apt-get install php5.6-xml", "sudo apt-get install php5-xml", "sudo apt-get install php-dom" i've tried resetting server "sudo service apache2 restart". does have suggestions?
Read more

vue.js - Create hooks for automated testing -

Image
qa guys complained can't automate frontend testing. because our html looks same outside. lazy hack did this <template> <div :role="$options.name"> ... </div> </template> <script> export default { name: 'vmcomponentname' } </script> which takes name script , applies html. in browser get: <div role="vmcomponentname"> ... </div> line :role="$options.name" goes in every component. is there dry er solutions? please share. additional details i'll explain in details looking for. imagine have vmusercreate form creates user. test case can create user . to automatically test without role, have use following selector: .wrapper > .wrapper > .wrapper > .submit-button the test extremely brittle (will break lot). if use roles can use [role="vmusercreateform"] .submit-button selector. many folds less brittle. so basically, i'm
Read more

.htaccess - ERR_TOO_MANY_REDIRECTS htaccess -

could can explain me .htaccess code doing? rewriterule ([0-9]+)/([^t]{1}[a-za-z0-9_-]{0,})\.([^s]{1}[a-za-z0-9]+)$ ../items/go.php?u=$1/$2.$3 i have folder : mywebsite.com/download/folder1/ .htaccess file in uplevel mywebsite.com/download/ folder contains code above. when access file directly path mywebsite.com/download/folder1/file.mp4 returns error : mywebsite.com redirected many times. try clearing cookies. err_too_many_redirects i tried clear browser cookies issue persist. issue solved when commented out htaccess line above. this rule appears looking specific pattern consisting of: <numbers>/<alphanumeric string not starting t , other conditions applied>.<alphanumeric string not starting s> then redirecting user's browser go.php parsed filename passed file arguments. err_too_many_redirects due infinite redirect loop. without knowing other rewriterule statements present difficult narrow down exact cause. can narrow down
Read more