Getting "InvalidAlgorithmParameterException" while posting to a HTTPS website

Question

I'm trying to post data to a payment gateway website with the following jsp code:

System.setProperty("javax.net.ssl.trustStore ","C:\\Program Files\\Java\\jdk1.7.0_17\\jre\\lib\\security\\cacerts");\
System.setProperty("javax.net.ssl.trustStorePassword","changeit");

URL server = new URL("https://...");

HttpURLConnection connection = (HttpURLConnection) server.openConnection();

connection.setRequestMethod("POST");
connection.setDoOutput(true);
connection.setRequestProperty("content-type","application/x-www-form-urlencoded");

connection.connect();

OutputStream os = connection.getOutputStream();
os.write(checkRequestByte);
os.close();

I've added the .cer file to java keystore with this command:

keytool -importcert -file "path/certFile.cer" -keystore "Java/jre7/lib/security/cacerts" -alias "Alias"

I also tried this one:

keytool -importcert -file "path/certFile.cer" -keystore "Java/jdk1.7.0_17/jre/lib/security/cacerts" -alias "Alias"

and in both cases I've got this message:

Certificate was added to keystore

But when I run it and the page opens, I get the following error:

org.apache.jasper.JasperException: An exception occurred processing JSP page /process.jsp at line 36

33:     connection.setDoOutput(true);
34:     connection.setRequestProperty("content-type","application/x-www-form-urlencoded");
35: 
36:     connection.connect();
37: 
38:     OutputStream os = connection.getOutputStream();
39:     os.write(checkRequestByte);

javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty ...

I'm confused, I've never faced it before .... I appreciate your comments

Please rule out absence of certificate in your JVM truststore becoz in that case error would have been SSLHandshake error nor related to algorithm issue — M Sach, May 12 '13 at 15:56
Sorry I don't understand you, would you please explain more clearly? — Majid Abarghooei, May 12 '13 at 16:04

score 0 · Accepted Answer · answered May 13 '13 at 07:25

0

The solution was so easy :D, I've restarted the tomcat and now it works like a charm ;)

answered May 13 '13 at 07:25

Majid Abarghooei

663
7
21

score 0 · Answer 2 · answered Mar 21 '14 at 07:16

I was having a similar problem with tomcat throwing InvalidAlgorithmParameterException . I set the

 -Djavax.net.ssl.trustStore=/path/to/cacerts

and installed the cert for the site into the truststore but https connection would not work. Finally I set an exception breakpoint in eclipse for the

java.security.InvalidAlgorithmParameterException,

then inspected the system property using expression view in eclipse when the exception was thrown using this snippet:

System.getProperty("javax.net.ssl.trustStore")

I saw that the value for this trustStore location had been changed somewhere else at runtime to be a different path from the -Djavax...trustStore path I configured.

I hope this helps someone figure out where the trustStore is configured and that it can be changed at runtime to something else. The error should really echo out the path that was attempted for loading the trustStore.

Getting "InvalidAlgorithmParameterException" while posting to a HTTPS website

2 Answers2