Service Virtualization

Expand all | Collapse all

handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown

Jump to Best Answer
  • 1.  handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown

    Posted 09-19-2019 11:05 AM
    Edited by David wong 30 days ago
    Hi there,

    I am trying to record the communication between an UI app and API. I am using CA SV, but seeing the below error in SSL debugger.
    Any suggestions out there?


  • 2.  RE: handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown
    Best Answer

    Posted 09-19-2019 12:19 PM
    Hi David,

    It seems, your certificate chain is not able to actually verify your certificate properly.SSL Certificate has not been added to the trust file for the client application, SSL certificates should be trusted by the client application before they can be used to access a server.

    Also, You have to use trustStore instead of using keyStore in client and trustStorePassword instead of using keyStorePassword in client also.

    For Server:  javax.net.ssl.keyStore (server.jks)
    For Client:  javax.net.ssl.trustStore(client.jks)

    ------------------------------
    Regards,
    Vaibhav Jain
    Capgemini
    ------------------------------



  • 3.  RE: handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown

    Posted 09-20-2019 02:23 AM
    HI David
                Looks like the CA certificate that was used to issue the SSL certificate of your API server is not a well known CA. You could create an SSL context by importing the Public key certificates of all the CA's in the certificate chain till the root CA. Devtest allows you to choose a keystore for connecting to server using SSL.

    Please try this out and if you need hand-holding, please raise a support ticket.

    -Sankar

    ------------------------------
    Sankar Natarajan
    Service Virtualization Product Engineering Team
    Broadcom
    ------------------------------