Spring tool suite- SunCertPathBuilderException: unable to find valid certification path to requested target
Solution 1
Try http instead of https in the URL http://start.spring.io
The following error will be resolved "SunCertPathBuilderException: unable to find valid certification path to requested target"
Solution 2
I encountered the same problem and tried this: Window -> Preferences -> Network Connections Change mode to Manual
It works fine now.
Solution 3
It would seem like the http now gets redirected to https. So changing https to http may not work. I am barely familiar with digital certificates. However, I have simply listed what I had to do to get it to work for me. This is perhaps what @Strelok has suggested.
I am on Windows 10 and JDK 1.8.0_144 64bit. I am also behind a corporate proxy. I did the following to get it to work for me. If you are in a similar situation it may work for you.
Export the corporate certificate (There may be other easier ways of doing this)
- On Chrome, I went to https://start.spring.io
- On the location bar clicked on the 'Lock' symbol next to https.
- Selected 'Certificate(Valid)' on the ensuing pop-up.
- On the resulting dialog box, clicked on the 'Certificate Path' tab, from under certificate path tree selected the root node, and then clicked on 'View Certificate'
- On the resulting dialog box, clicked on the 'Details' tab and then clicked on 'Copy to File'
- This brings up the 'Export wizard', clicked on 'Next'.
- Left the certificate format to default 'DER encoded..', clicked on 'Next'.
- Provided file name (.cer extension) for the certificate.
- Clicked Finish.
The above steps exported a certificate to a file that I imported into truststore (cacerts).
To import
- Opened a 'Command' prompt as Administrator to import the certificate
- Went to bin directory of Java installation (this step is not needed if jre/bin is in your path)
-
Ran the following:
C:\Program Files\Java\jre1.8.0_144\bin>keytool -importcert -alias your-alias -keystore "C:\Program Files\Java\jre1.8.0_144\lib\security\cacerts" -storepass changeit -file C:\certificate-file-location\saved-certificate-file.cer
(Substitute your java location, certificate file location and certificate file name as appropriate. The 'storepass' should be 'changeit'.)
Restarted STS
Solution 4
The simplest solution is to install your corporate certificate into the cacerts keystore of the JDK.
<JAVA_HOME>/bin/keytool -import -alias CorpProxy -keystore <JAVA_HOME>/jre/lib/security/cacerts -file your_corp_cert.crt
You will be prompted for the keystore password which is changeit by default.
Solution 5
In the case if none of above work, try below steps. It works fine for me as I was also working under corporate network, had same issue.
- Close STS tool if open.
- Locate STS.ini file (mostly where you have installed STS tool and have STS.exe)
Edit STS.ini. Add following two line at the bottom (Use your JDK location, below one is just a sample)
-Djavax.net.ssl.trustStore=C:\Program Files\Java\jdk1.8.0_20\jre\lib\security\cacerts
-Djava.net.ssl.trustStorePassword=changeit
Save STS.ini and restart the STS.exe.
It works in my case. Thank you.
shivam gupta
Updated on October 04, 2021Comments
-
shivam gupta over 2 years
I am working on STS and while creating a new spring-boot project, it shows following error:
SunCertPathBuilderException: unable to find valid certification path to requested targetsince it access https://start.spring.io as a service URL.
I am working in a corporate network and they have their own certificates and security rules. I looked into web but could not find any clear solution for STS. How should I add certification path in STS for given URL. Any help is appreciated.
-
devo over 5 yearsThis should be the accepted answer instead of the workarounds above. Also, this will help with other issues such as installing plugins from marketplace.
-
Vikram Ranabhatt almost 5 yearsThis doesn't work in Spring Tool Suite 3 Version: 3.9.9.RELEASE The moment i add start.spring.io it get changed to start.spring.io automatically.
-
user2125853 over 4 yearsSeems like http gets redirected to https, so this may not work. I have added an answer to list what I did to get it to work.
-
Srikanth Janapati about 4 yearsIn STS version 4,if i change https to http, it's automatically redirecting to the https, any one please help me to resolve this -
deepakguna over 3 yearsyou saved my day! Thank you!
-
Ram about 3 yearsIt's a generic solution. This should be an accepted answer. -
coderpc about 3 years@SrikanthJanapati Were you able to find the solution? I'm facing the same issue with STS 4
-
Zack Dawood about 3 years@coderpc please try this programmersought.com/article/68482773221 -
Srikanth Janapati about 3 years@coderpc - in my case i disconnected the VPN then it's working fine
-
asifaftab87 over 2 yearsdidn't work for me.
-
Gustavo over 2 yearsIt work!!!, thank you very much -
ryanwebjackson over 2 yearsDoes storepass indicate the keystore password?
-
Ramesh about 2 yearsThe
.inifile will have the same filename as the.exefile. It wasSpringToolSuite4.iniin my case
