If you are a Java developer, you may have encountered the javax.net.ssl.SSLPeerUnverifiedException: Peer Not Authenticated error while working with SSL connections. This error occurs when the server certificate is not trusted or when the certificate chain is incomplete or invalid. In this guide, we will provide you with a step-by-step solution to fix this error.
Step 1: Verify the Server Certificate
The first step to fixing the javax.net.ssl.SSLPeerUnverifiedException: Peer Not Authenticated error is to verify the server certificate. You can use the keytool utility in Java to check the certificate. Here's how:
Open a command prompt or terminal window.
Navigate to the bin directory of your Java installation.
Run the following command to check the server certificate:
keytool -printcert -sslserver <hostname>:<port>
Replace <hostname> and <port> with the hostname and port of the server you are connecting to. For example:
keytool -printcert -sslserver example.com:443
Verify that the certificate is valid and trusted. If the certificate is not trusted, you can import it into the truststore using the keytool utility.
Step 2: Import the Server Certificate into the Truststore
If the server certificate is not trusted, you can import it into the truststore using the keytool utility. Here's how:
Obtain the server certificate. You can usually do this by visiting the server URL in a web browser and exporting the certificate.
Import the certificate into the truststore using the following command:
keytool -importcert -trustcacerts -alias <alias> -file <path-to-certificate> -keystore <path-to-truststore>
Replace <alias> with a unique name for the certificate, <path-to-certificate> with the path to the certificate file, and <path-to-truststore> with the path to the truststore file. For example:
keytool -importcert -trustcacerts -alias example_com -file example_com.cer -keystore truststore.jks
Verify that the certificate is imported by running the following command:
keytool -list -keystore <path-to-truststore>
FAQ
What is the javax.net.ssl.SSLPeerUnverifiedException error?
The javax.net.ssl.SSLPeerUnverifiedException error occurs when the server certificate is not trusted or when the certificate chain is incomplete or invalid.
How do I check the server certificate in Java?
You can use the keytool utility in Java to check the server certificate. Run the following command:
keytool -printcert -sslserver <hostname>:<port>
Replace <hostname> and <port> with the hostname and port of the server you are connecting to.
How do I import a server certificate into the truststore?
You can import a server certificate into the truststore using the keytool utility. Run the following command:
keytool -importcert -trustcacerts -alias <alias> -file <path-to-certificate> -keystore <path-to-truststore>
Replace <alias> with a unique name for the certificate, <path-to-certificate> with the path to the certificate file, and <path-to-truststore> with the path to the truststore file.
How do I list the certificates in a truststore?
You can list the certificates in a truststore using the following command:
keytool -list -keystore <path-to-truststore>
Replace <path-to-truststore> with the path to the truststore file.
What is a truststore in Java?
A truststore in Java is a repository of trusted certificates used to verify the identity of SSL/TLS servers.