Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No X509TrustManager implementation available in java(spring)

Question

i am trying to authenticate a server i am having server certificate and i have created key store and trust store. The exception is happening at rest template in the code i dont get what the error is i have searched in the net but i found no solution

my java code:

org.json.JSONObject json = new org.json.JSONObject();

    org.json.JSONObject root = new org.json.JSONObject();
    root.put("Version", "1");
    json.put("key", "test");
    root.put("message", json);
    System.out.println(root);

    String url = "https://example.com";
App obi = new App();
    obi.trustSelfSignedSSL();

    System.setProperty("javax.net.ssl.keyStore", "/Users/crohitk/Desktop/spring/keystore.jks");

   System.setProperty("javax.net.ssl.keyStorePassword", "password");
   System.setProperty("javax.net.ssl.trustStore","/Users/crohitk/Desktop/spring/ca-certs.jks");

   System.setProperty("javax.net.ssl.trustStorePassword","");


   KeyStore keyStore = null;
   KeyStore truststore = null;

        keyStore = KeyStore.getInstance(KeyStore.getDefaultType());

        keyStore.load(new FileInputStream("/Users/crohitk/Desktop/spring/keystore.jks"),
                "password".toCharArray());


    SSLConnectionSocketFactory socketFactory = null;

        socketFactory = new SSLConnectionSocketFactory(
                new SSLContextBuilder()

                        .loadKeyMaterial(keyStore, "password".toCharArray()).build());


    HttpClient httpClient = HttpClients.custom().setSSLSocketFactory(socketFactory).build();

    ClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(
            httpClient);

    RestTemplate restTemplate = new RestTemplate(requestFactory);





  String result = restTemplate.postForObject(url, root , String.class);
    System.out.println(result);
    System.out.println( "Hello World!" );
}

    public static void trustSelfSignedSSL() {
        try {
            SSLContext ctx = SSLContext.getInstance("TLS");
            X509TrustManager tm = new X509TrustManager() {

                public void checkClientTrusted(X509Certificate[] xcs, String string) throws CertificateException {
                }

                public void checkServerTrusted(X509Certificate[] xcs, String string) throws CertificateException {
                }

                public X509Certificate[] getAcceptedIssuers() {
                    return null;
                }
            };
            ctx.init(null, new TrustManager[]{tm}, null);
            SSLContext.setDefault(ctx);
        } catch (Exception ex) {
            ex.printStackTrace();
        }
        }

error trace:

Exception in thread "main" org.springframework.web.client.ResourceAccessException: I/O error on POST request for "https://example.com":java.security.cert.CertificateException: No X509TrustManager implementation available; nested exception is javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No X509TrustManager implementation available
    at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:602)
    at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:552)
    at org.springframework.web.client.RestTemplate.postForObject(RestTemplate.java:352)
    at url.url1.App.main(App.java:258)

my pom.xml:

<dependencies>
        <dependency>
            <groupId>junit</groupId>
            <artifactId>junit</artifactId>
            <version>4.11</version>
            <scope>test</scope>
        </dependency>
        <!-- Spring dependencies -->
        <dependency>
            <groupId>org.springframework</groupId>
            <artifactId>spring-core</artifactId>
            <version>${spring.version}</version>
        </dependency>

        <dependency>
            <groupId>org.springframework</groupId>
            <artifactId>spring-web</artifactId>
            <version>${spring.version}</version>
        </dependency>

        <dependency>
            <groupId>org.springframework</groupId>
            <artifactId>spring-webmvc</artifactId>
            <version>${spring.version}</version>
        </dependency>


        <dependency>
    <groupId>commons-codec</groupId>
    <artifactId>commons-codec</artifactId>
    <version>1.9</version>
</dependency>


    <dependency>
    <groupId>org.springframework</groupId>
    <artifactId>spring-jdbc</artifactId>
    <version>4.1.0.RELEASE</version>
</dependency>



    <dependency>
        <groupId>mysql</groupId>
        <artifactId>mysql-connector-java</artifactId>
        <version>5.1.9</version>
    </dependency>



        <!-- Spring AOP dependency -->
        <dependency>
                <groupId>cglib</groupId>
        <artifactId>cglib</artifactId>
        <version>2.2</version>
    </dependency>

    <!-- Hibernate framework -->
        <dependency>
    <groupId>org.hibernate</groupId>
    <artifactId>hibernate</artifactId>
    <version>3.2.3.ga</version>
</dependency>

    <!--<dependency>
        <groupId>hibernate</groupId>
        <artifactId>hibernate3</artifactId>
        <version>3.2.3.GA</version>
    </dependency> -->


    <!-- Hibernate library dependecy start -->
    <dependency>
        <groupId>dom4j</groupId>
        <artifactId>dom4j</artifactId>
        <version>1.6.1</version>
    </dependency>

    <dependency>
        <groupId>commons-logging</groupId>
        <artifactId>commons-logging</artifactId>
        <version>1.1.1</version>
    </dependency>

    <dependency>
        <groupId>commons-collections</groupId>
        <artifactId>commons-collections</artifactId>
        <version>3.2.1</version>
    </dependency>

    <dependency>
        <groupId>antlr</groupId>
        <artifactId>antlr</artifactId>
        <version>2.7.7</version>
    </dependency>
    <!-- Hibernate library dependecy end -->

 <dependency>
            <groupId>javax.transaction</groupId>
            <artifactId>jta</artifactId>
            <version>1.1</version>
</dependency>

<dependency>
    <groupId>org.springframework</groupId>
    <artifactId>spring-orm</artifactId>
    <version>${spring.version}</version>
    <type>jar</type>
    <scope>compile</scope>
</dependency>

  <dependency>
    <groupId>org.hibernate</groupId>
    <artifactId>hibernate-core</artifactId>
    <version>3.6.0.Final</version>
</dependency>
<dependency>


    <groupId>org.slf4j</groupId>
    <artifactId>slf4j-log4j12</artifactId>
    <version>1.6.5</version>
  </dependency>

<dependency>
    <groupId>javassist</groupId>
    <artifactId>javassist</artifactId>
    <version>3.12.1.GA</version>
</dependency>
<dependency>

    <groupId>com.google.code.gson</groupId>
    <artifactId>gson</artifactId>
    <version>2.3.1</version>
</dependency>


 <dependency>
    <groupId>org.apache.poi</groupId>
    <artifactId>poi</artifactId>
    <version>3.11</version>
</dependency>
<dependency>
    <groupId>org.apache.poi</groupId>
    <artifactId>poi-ooxml</artifactId>
    <version>3.9</version>
</dependency>

<dependency>
    <groupId>commons-io</groupId>
    <artifactId>commons-io</artifactId>
    <version>2.4</version>
</dependency>

<dependency>
    <groupId>org.json</groupId>
    <artifactId>json</artifactId>
    <version>20141113</version>
</dependency>


<dependency>
    <groupId>org.apache.httpcomponents</groupId>
    <artifactId>httpclient</artifactId>
    <version>4.3.4</version>
</dependency>

<dependency>
    <groupId>commons-httpclient</groupId>
    <artifactId>commons-httpclient</artifactId>
    <version>3.1</version>
</dependency>

<dependency>
    <groupId>net.sf.hibernate</groupId>
    <artifactId>hibernate</artifactId>
    <version>2.1.8</version>
</dependency>



<dependency>
   <groupId>org.hibernate</groupId>
   <artifactId>hibernate-validator</artifactId>
   <version>5.2.1.Final</version>
</dependency>

<dependency>
    <groupId>org.apache.logging.log4j</groupId>
    <artifactId>log4j-core</artifactId>
    <version>2.3</version>
</dependency>

<dependency>
    <groupId>log4j</groupId>
    <artifactId>log4j</artifactId>
    <version>1.2.17</version>
</dependency>
<dependency>
    <groupId>commons-lang</groupId>
    <artifactId>commons-lang</artifactId>
    <version>2.3</version>
</dependency>

<!--  <dependency>
    <groupId>javax.servlet</groupId>
    <artifactId>servlet-api</artifactId>
    <version>3.0-alpha-1</version>
</dependency>-->

<dependency>
    <groupId>org.igniterealtime.smack</groupId>
    <artifactId>smack-core</artifactId>
    <version>4.2.0-alpha1</version>
</dependency>

<dependency>
    <groupId>org.apache.commons</groupId>
    <artifactId>commons-io</artifactId>
    <version>1.3.2</version>
</dependency>

<dependency>
    <groupId>ca.juliusdavies</groupId>
    <artifactId>not-yet-commons-ssl</artifactId>
    <version>0.3.11</version>
</dependency>
 <dependency>
       <groupId>javax.ws.rs</groupId>
       <artifactId>javax.ws.rs-api</artifactId>
       <version>2.0</version>
    </dependency>
    <dependency>
       <groupId>org.glassfish.jersey.media</groupId>
       <artifactId>jersey-media-moxy</artifactId>
       <version>2.8</version>
    </dependency>
    <dependency>
        <groupId>org.glassfish.jersey.core</groupId>
        <artifactId>jersey-common</artifactId>
        <version>2.8</version>
    </dependency>

    <dependency>
  <groupId>org.glassfish.jersey.core</groupId>
  <artifactId>jersey-client</artifactId>
  <version>2.8</version>
</dependency>

</dependencies>

Answer 1

You have to add a security provider to be able to use crypto class like X509TrustManager and X509Certificate.

You can add the provider anytime. You just have to do it before you use these class.

Here's an example of how to add a security provider in Java:

//check if provider is not already added
Provider aProvider = Security.getProvider("MyProvider");
if (aProvider == null) {
    //add provider
    Security.addProvider(new MyProvider());
}

MyProvider is just a placeholder. You have to import a provider (Ex. BouncyCastle) or use the one from Sun