Common Causes for "PKIX path building failed" Error

Q

What are the reasons for the "PKIX path building failed" error? I am getting this "sun.security.validator.ValidatorException: PKIX path building failed:" error when running my Java application.

✍: FYIcenter.com

A

If you are getting the "sun.security.validator.ValidatorException: PKIX path building failed:" error in your Java application, you need to read more details from the exception error message to see what is the cause of the failure.

Some common reasons for the "PKIX path building failed" error:

  • "CertPathBuilderException: unable to find valid certification path to requested target" - The top certificate of the certificate validation chain is not in the trusted keystore.
  • "CertPathValidatorException: subject/issuer name chaining check failed" - May be Intermediate CA certificates received from the server are wrong.
  • "CertPathValidatorException: signature check failed" - May be the signature of the server certificate is corrupted.
  • "CertPathValidatorException: time stamp check failed" - May be the server certificate is expired.
  • "CertPathValidatorException: Path does not chain with any of the trust anchors" - May be the server certificate is a self-signed certificate with the "keyCertSign" included in the "keyUsage".
  • "CertPathValidatorException: The certificate expired at ..." - The expiration date on the server certificate has been passed.
  • "CertPathValidatorException: The revocation status of the certificate with subject ... could not be determined" - Java failed to check if the server certificate is been removed or not.
  • "CertPathValidatorException: Certificate has been revoked" - The server certificate validation path is good. The CA has revoked the server certificate.

 

SunCertPathBuilderException - Server Certificate Error

Password for "cacerts" - Java System Keystore

Using Certificates with Java VM

⇑⇑ Certificates on Java VM

2012-07-21, 20504👍, 0💬