mihirk.61757 (Customer) asked a question.
Hello,
we are getting below error while invoking API for access token from our code.
Wealready have imported required certificate in Java home.
Error is PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target.
We are trying to test OpenID connect integration through OKTA. Below is the required code snippet.
HttpPost httppost = new HttpPost("https://dev-15411581.okta.com/oauth2/v1/token");
httppost.setHeader("content-type", "application/x-www-form-urlencoded");
postParameters = new ArrayList<NameValuePair>();
postParameters.add(new BasicNameValuePair("grant_type", "authorization_code"));
postParameters.add(new BasicNameValuePair("code", code));
postParameters.add(new BasicNameValuePair("redirect_uri", "http://localhost:8080/Inside"));
postParameters.add(new BasicNameValuePair("client_id", "0oa60ln2uiYjJWHBM5d7"));
postParameters.add(new BasicNameValuePair("client_secret", "LDYhkim1E-PhqTu3lH0KIqHgsa9C-vdzxSvtjSQw"));
postParameters.add(new BasicNameValuePair("code_verifier", "qjrzSW9gMiUgpUvqgEPE4_-8swvyCtfOVvg55o5S_es"));
httppost.setEntity(new UrlEncodedFormEntity(postParameters, "UTF-8"));
Regards
Mihir
Hi @mihirk.61757 (Customer),
Have you tried to specify the certificate store by using "-Djavax.net.ssl.trustStore=" JVM flag?
You can also use e.g. this "-Djavax.net.debug=handshake:ssl" flag to troubleshoot SSL connections. You could use "-Djavax.net.debug=all" as well, but it is too verbose - in my opinion.
-Jani
Thanks Jani
with the same configuration changes as per the shared, it worked !!