issue with the swagger validator when trying to read yaml file from https port
issue with the swagger validator when trying to read yaml file from https port
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException:
Comments (13)
-
-
Thank you for replying and can you give me example for key- and truststore , I tried with RestAssured.useRelaxedHTTPSValidation() but not working for yaml file
-
Does this help? https://github.com/rest-assured/rest-assured/issues/790
-
Can you try to load the .yaml from your local resources? Just to make sure it's the connection to your https server.
-
I was reading the yaml file from local folder in the project and there was any problems , but when change to the published url with the service the problem occurred
-
Please add this to your test (I suppose it is JUnit).
@BeforeClass public static void setUpSpec() { final TrustManager[] trustAllCerts = new TrustManager[]{ new X509TrustManager() { public java.security.cert.X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; } public void checkClientTrusted( java.security.cert.X509Certificate[] certs, String authType) { } public void checkServerTrusted( java.security.cert.X509Certificate[] certs, String authType) { } } }; try { final SSLContext sc = SSLContext.getInstance("SSL"); sc.init(null, trustAllCerts, new java.security.SecureRandom()); HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); } catch (final GeneralSecurityException e) { System.out.println("ERROR!!! Should not happen: " + e.getMessage()); } }
And here are the imports:
import java.security.GeneralSecurityException; import java.security.cert.X509Certificate; import javax.net.ssl.HttpsURLConnection; import javax.net.ssl.SSLContext; import javax.net.ssl.TrustManager; import javax.net.ssl.X509TrustManager; import org.junit.BeforeClass;
This registers a Truststore for the running JVM which accpets every certificate.
-
It solved the certificate issue with yaml file but I got Connection refused error from the the endpoint itself
-
Is this an issue by the S-R-V?
-
what is the S-R-V ?
-
S-R-V => Swagger-Request-Validator
-
:) ok , no it's related to this security issue
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
-
So, if it's not related to the S-R-V... This issue can be closed?
-
- changed status to resolved
- Log in to comment
Do you start your application with a key- and truststore enabled with the correct key- and truststore password? That should enable reading the yaml from the https connection.
Can you read the yaml file before initializing the Swagger Request Validator? If not the problem might not be the S-R-V.