javax.net.ssl.Sslhandshakeexception: Received fatal Alert: bad_certificate

Asked

Viewed 208 times

-1

I am trying to authenticate on a web page with digital certificate, but the above error occurs.

There is a "workaround": Import the certificate into Windows and re-export. In this process, the file is added certain information (usually the size goes from 4k to 10k) and the authentication occurs smoothly.

Questions: What information is missing from the certificate that prevents authentication? And how to solve the problem via java, so that the user does not need to handle the certificate?

1 answer

0


After making a diff between the SSL authentication log of the original certificate and the modified one, I found the solution.

The information added to the Windows certificate is Certificate chain.

To add to the certificate, I needed to do the following:

  1. Add chain certificates to the project’s Resource, and create a method that loads the Resource string into an array;
  2. Create an empty Keystore, and copy the original Keystore certificates to it using the setKeyEntry() method. This method takes as one of the arguments a chain.

Using the new generated Keystore, the authentication worked perfectly.

Browser other questions tagged

You are not signed in. Login or sign up in order to post.