Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

SSLHandshakeException while using AWS SDK for Java API

I'm using the Java API to upload and download files in Amazon S3. It was working perfectly until about a week ago, and it just stopped working altogether even though I hadn't touched the code. I'm wondering if there's a solution to this. Thanks!

Over here's the code that was worked fine:

AWSCredentials credentials = new BasicAWSCredentials(ACCESSKEYID, SECRETKEY);
AmazonS3Client s3client = new AmazonS3Client(credentials);
List<String> bucketList = new ArrayList<String>();
    for (Bucket bucket : s3client.listBuckets()) {
        System.out.println(bucket.getName());
    }

And here's the error:

Apr 11, 2015 9:44:12 PM com.amazonaws.http.AmazonHttpClient executeHelper
INFO: Unable to execute HTTP request: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1904)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:279)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:273)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1446)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:209)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:901)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:837)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1023)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343)
at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:534)
at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:402)
at com.amazonaws.http.conn.ssl.SdkTLSSocketFactory.connectSocket(SdkTLSSocketFactory.java:118)
at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:178)
at org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:304)
at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:610)
at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:445)
at org.apache.http.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:863)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:57)
at com.amazonaws.http.AmazonHttpClient.executeOneRequest(AmazonHttpClient.java:685)
at com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:460)
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:295)
at com.amazonaws.services.s3.AmazonS3Client.invoke(AmazonS3Client.java:3736)
at com.amazonaws.services.s3.AmazonS3Client.invoke(AmazonS3Client.java:3686)
at com.amazonaws.services.s3.AmazonS3Client.listBuckets(AmazonS3Client.java:688)
at com.amazonaws.services.s3.AmazonS3Client.listBuckets(AmazonS3Client.java:696)
at keymanager.service.AWSAPI.getBucketList(AWSAPI.java:130)
at keymanager.view.KeyManager.initializeBucketList(KeyManager.java:59)
at keymanager.view.KeyManager.connectButtonActionPerformed(KeyManager.java:626)
at keymanager.view.KeyManager.access$1000(KeyManager.java:22)
at keymanager.view.KeyManager$12.actionPerformed(KeyManager.java:425)

I'd done a bit of research, and some had suggested that the problem could be with the permissions. However, I think I've followed the instructions here: http://docs.aws.amazon.com/AWSToolkitEclipse/latest/GettingStartedGuide/tke_setup_creds.html#d0e387 as well as I could. I'm really pretty stuck, guys. Thanks, and any help at all will be appreciated!

like image 347
meraxes Avatar asked Apr 11 '15 14:04

meraxes


1 Answers

I had same problem. The solution turned out to be the device wrong date. Try to keep your device date updated. The reason is that SSL certificates have issuance/expiry date that are being verified against your device date.

like image 169
abedfar Avatar answered Oct 17 '22 15:10

abedfar