Handling Java 17 SSLHandshakeException with Spring Boot and Self-Signed Certificates
I'm migrating some code and I'm getting frustrated; I've been banging my head against this for hours. Hey everyone, I'm running into an issue that's driving me crazy. I'm working with an `SSLHandshakeException` when trying to connect my Spring Boot application to an external API that uses a self-signed SSL certificate. The behavior I'm working with is:

```
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
```

I've added the self-signed certificate to the Java trust store using the `keytool` command:

```
keytool -importcert -file my_cert.crt -keystore $JAVA_HOME/jre/lib/security/cacerts -alias my_cert
```

I confirmed that the certificate was added by listing the contents of the trust store:

```
keytool -list -keystore $JAVA_HOME/jre/lib/security/cacerts
```

However, I'm still working with the same exception when making an HTTPS request. I've also tried configuring SSL in my `application.properties` as follows:

```
spring.ssl.trust-store=classpath:my_truststore.jks
spring.ssl.trust-store-password=changeit
```

Additionally, I've tested fetching the URL using a simple Java `HttpURLConnection`, and that works perfectly:

```java
URL url = new URL("https://myapi.com/data");
HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();
connection.setRequestMethod("GET");
InputStream inputStream = connection.getInputStream();
// Read from inputStream...
```

But when I try to execute a Spring `RestTemplate` call, it fails:

```java
RestTemplate restTemplate = new RestTemplate();
String response = restTemplate.getForObject("https://myapi.com/data", String.class);
```

I've tried both the default `RestTemplate` and a custom `RestTemplate` with a `TrustStrategy`, but the `SSLHandshakeException` continues.

Here's the custom `RestTemplate` setup I attempted:

```java
@Bean
public RestTemplate restTemplate() throws Exception {
    SSLContext sslContext = SSLContext.getInstance("TLS");
    // Trust manager with empty checks: every certificate chain is accepted.
    sslContext.init(null, new TrustManager[] {
        new X509TrustManager() {
            public X509Certificate[] getAcceptedIssuers() { return null; }
            public void checkClientTrusted(X509Certificate[] certs, String authType) { }
            public void checkServerTrusted(X509Certificate[] certs, String authType) { }
        }
    }, new SecureRandom());

    HttpComponentsClientHttpRequestFactory factory = new HttpComponentsClientHttpRequestFactory();
    factory.setHttpClient(HttpClients.custom().setSSLContext(sslContext).build());
    return new RestTemplate(factory);
}
```

Is there something I'm missing in the SSL configuration, or is there another way to bypass this scenario? Any help would be appreciated! This is part of a larger web app I'm building. How would you solve this? Thanks in advance! What are your experiences with this? For reference, this is a production web app.