Ask a Question

javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Certificates does not

SOLVED
cbrzana
Occasional Contributor

javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Certificates does not

I am unable to get any request to pass that requires a cert. The error I see is:

 

javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Certificates does not conform to algorithm constraints

 

Based on information found elsewhere, I tried commenting out the line:

#jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 1024

 

from the \jre\lib\security directory of the java instance used by Ready API. I am seeing this in multiple versions of ReadyAPI, including the latest 1.5.0-m SNAPSHOT build.

 

I also have SoapUI Pro 5.1.2 installed on the same machine and do not have this same issue.

1 ACCEPTED SOLUTION

Accepted Solutions
cbrzana
Occasional Contributor

Re: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Certificates does

Working with SmartBear support, they were able to help identify the issue. Here are the details in the event anybody else runs into this in the future:

 

Starting with Ready API 1.4 they began using Java 1.8 which uses TLS 1.2 as default (as opposed to 1.1 which java 1.7 uses). Adding "-Dsoapui.sslcontext.algorithm=TLSv1" to the ReadyAPI.vmoptions file plus commenting out  "jdk.certpath.disabledAlgorithms" line in java security fixes the issue we were having with certs.

View solution in original post

2 REPLIES 2
TanyaYatskovska
Community Manager

Re: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Certificates does

Hi Cbrzana,

 

If everything works fine in SoapUI Pro, I recommend that you report this issue to our Ready! API Support Team ( http://support.smartbear.com/product-list/ ). Perhaps, this is an issue in this product version.

 

---------
Tanya Yatskovskaya
SmartBear Community and Education Manager


Did my reply answer your question? Give Kudos or Accept it as a Solution to help others. ⬇️⬇️⬇️
cbrzana
Occasional Contributor

Re: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Certificates does

Working with SmartBear support, they were able to help identify the issue. Here are the details in the event anybody else runs into this in the future:

 

Starting with Ready API 1.4 they began using Java 1.8 which uses TLS 1.2 as default (as opposed to 1.1 which java 1.7 uses). Adding "-Dsoapui.sslcontext.algorithm=TLSv1" to the ReadyAPI.vmoptions file plus commenting out  "jdk.certpath.disabledAlgorithms" line in java security fixes the issue we were having with certs.

cancel
Showing results for 
Search instead for 
Did you mean: