Please use this thread to discuss [node:21338]
Discussion for "Streaming SSL certificate updates"
I realize the changes aren’t supposed to take effect until later, but suddenly today we’re getting the following when we try to connect. Has something changed already?
Thank you,
Thom
[Thu Sep 12 16:01:24 PDT 2013]Establishing connection.
[Thu Sep 12 16:01:26 PDT 2013]sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Relevant discussions can be found on the Internet at:
http://www.google.co.jp/search?q=944a924a or
http://www.google.co.jp/search?q=24fd66eb
TwitterException{exceptionCode=[944a924a-24fd66eb 944a924a-24fd66c1 944a924a-24fd66c1 944a924a-24fd66c1], statusCode=-1, message=null, code=-1, retryAfter=-1, rateLimitStatus=null, version=3.0.3}
at twitter4j.internal.http.HttpClientImpl.request(HttpClientImpl.java:192)
panopticongeo onDisconnect() @ Thu Sep 12 16:01:26 PDT 2013
Connect-Disconnect Time 1379026886246
at twitter4j.internal.http.HttpClientWrapper.request(HttpClientWrapper.java:61)
at twitter4j.internal.http.HttpClientWrapper.post(HttpClientWrapper.java:98)
at twitter4j.TwitterStreamImpl.getFilterStream(TwitterStreamImpl.java:304)
at twitter4j.TwitterStreamImpl$7.getStream(TwitterStreamImpl.java:292)
at twitter4j.TwitterStreamImpl$TwitterStreamConsumer.run(TwitterStreamImpl.java:462)
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1762)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:241)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:235)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1206)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:136)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:593)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:529)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:958)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1203)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1230)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1214)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:434)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1031)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:230)
at twitter4j.internal.http.HttpClientImpl.request(HttpClientImpl.java:150)
… 5 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:323)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:217)
at sun.security.validator.Validator.validate(Validator.java:218)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:249)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1185)
… 17 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:318)
… 23 more
Hi Arne,
Will this impact sitestream.twitter.com as well, or only userstream. and stream. ?
Thanks,
-Hans
I’m still seeing the old certificate on stream.twitter.com, which expires on Dec. 31, 2013. This would appear to be unrelated?
Only userstream and stream at this time. Sitestream was previously updated and its certificate is good through 2015.
Hi Arne,
I’m using
https://stream.twitter.com
to open a stream connection via java 1.6.
I’m, setting this property (the SUN security prvider) before connection:
System.setProperty(“java.protocol.handler.pkgs”, “com.sun.net.ssl.internal.www.protocol”);
and all works fine.
In the update communication you said:
“The stream.twitter.com certificate is already signed against the Verisign G3 root, so clients currently connecting to this domain already have the appropriate root certificates installed.”
So I understand I’have nothing to change.
I understand you correctly?
Many thanks!
Andrea
I have rb.php and oauth.php, which stopped working. can anyone suggest changes to the oauth code to handle the https? thanks.
I’m using twitter4j, I changed the configuration to use ssl ( configurationBuilder.setUseSSL(true); ) but the method getOAuthRequestToken still returns HTTP addresses in its configuration.
Can anyone explain the process to make twitter4j work with the new changes in the twitter API?
But seriously, anyone want to take a crack at modifying some code I have that worked pre-SSL? Help!
I am having trouble with the twitter4j and the certificates on the production server. On my personal system which I use as test I updated my twitter4j library to 3.0.5 and everthing worked fine again. But on the production server I updated the same library and manually added the certificates to the JRE but I still get the:
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException
Any help?
Thx
I have copied the cacerts from an actual java 7_51 installation to my /usr/lib/jvm/java-6-sun/jre/lib/security/ directory, and it worked again.
Why was this so difficult??? I spent hours on this before finding this very simple solution. I did exactly what @Steffen2042 said, found a Java 7 installation, located the cacerts file, and copied it over the one in my java 7 installation. BOOM! It works. Sheesh, why was this so difficult???
Hello all, Am writing a java program that collects tweets with keyword say for example the keyword is chennai. Am using twitter4j-3.0.5, NetBeansIDE-7.4, Windows7 Operating System and a https connection. After providing the proxy settings & OAuth Credentials i downloaded the Security Certificate from the api.twitter.com website in the form of “apitwitter.cer” file & imported into my Java location which is “C:\Program Files\Java\jre7\lib\security\cacerts” using the keytool command, after which i get a message as “Certificate was added to keystore”. But when i run my program am still getting the exception message as
"[Fri Jan 31 16:03:42 IST 2014]sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target"
Could anyone pls help?
i am trying to collect twitts using java application (already registred) and using twitter4j api but i am having the same error
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target"
any one who had resolved it, would you like to explain en detail because i am not femaliar with the certificate prb