javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown

security ssl client-server jsse
amin picture amin · Jun 13, 2013 · Viewed 9.4k times · Source

I want to establish a secure channel between a client and server using Java SSL session.

I followed the following link http://www.herongyang.com/JDK/ssl_https.html to establish the connection after I run this command from the command line to create a server key.

keytool-genkey-alias Herong keyalg-RSA-keysize 1024-keystore. keystore

this code returns me an error type "Received fatal alert: certificate_unknown" I do not see where is the error in the code?

Server started:
Server socket class: class com.sun.net.ssl.internal.ssl.SSLServerSocketImpl
Socker address = 0.0.0.0/0.0.0.0
Socker port = 8888
Need client authentication = false
Want client authentication = false
Use client mode = false
Socket Server class: class com.sun.net.ssl.internal.ssl.SSLSocketImpl
Remote address = /127.0.0.1
Remote  Server port = 36571
Local socket Server address = /127.0.0.1:8888
Local Server address = /127.0.0.1
Local Server port = 8888
Need Server client authentication = false
Cipher suite = SSL_NULL_WITH_NULL_NULL
Protocol = NONE
javax.net.ssl.SSLException: Connection has been shutdown:   javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.checkEOF(Unknown Source)
    at com.sun.net.ssl.internal.ssl.AppInputStream.read(Unknown Source)
    at sun.nio.cs.StreamDecoder.readBytes(Unknown Source)
    at sun.nio.cs.StreamDecoder.implRead(Unknown Source)
    at sun.nio.cs.StreamDecoder.read(Unknown Source)
    at java.io.InputStreamReader.read(Unknown Source)
    at java.io.BufferedReader.fill(Unknown Source)
    at java.io.BufferedReader.readLine(Unknown Source)
    at java.io.BufferedReader.readLine(Unknown Source)
    at HttpsHello.main(HttpsHello.java:31)
Caused by: javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown
    at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
    at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.getSession(Unknown Source)
    at HttpsHello.printSocketInfo(HttpsHello.java:59)
    at HttpsHello.main(HttpsHello.java:26)

Answer

Related questions

Default SecurityProtocol in .NET 4.5

What is the default security protocol for communicating with servers that support up to TLS 1.2? Will .NET by default, choose the highest security protocol supported on the server side or do I have to explicitly add this line of code: …

Read More
SSL Error: unable to get local issuer certificate

I'm having trouble configuring SSL on a Debian 6.0 32bit server. I'm relatively new with SSL so please bear with me. I'm including as much information as I can. Note: The true domain name has been changed to protect the identity …

Read More
Keystore type: which one to use?

By looking at the file java.security of my JRE, I see that the keystore type to use by default is set to JKS. Here, there is a list of the keystore types that can be used. Is there a …

Read More