SSLHandshakeException Jhipster Okla &LetsEncrypt

Question

Today i've tried to configure a new Jhipster application with Oauth connection through Okta.

When i put my issuer-uri to localhost, everything works fine but when I try to make it with my domain it won't work anymore ...

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

I think I've make something wrong somewhere : here is my Spring configuration :

  security:
      oauth2:
          client:
              provider:
                  oidc:
                      issuer-uri: https://okta.4fitmusic.com/oauth2/default
              registration:
                  oidc:
                      client-id: {myId}
                      client-secret: {MySecret}

My Settings on Okta :

Application label 4FitMusic
Application type Web
Allowed grant types -> Authorization Code

Login redirect URIs http://localhost:8080/login/oauth2/code/oidc    
Logout redirect URIs http://localhost:8080  
Login initiated by App Only
Initiate login URI http://localhost:8080/login

score 2 · Accepted Answer · answered May 16 '19 at 14:23

2

I've seen similar errors a couple of times, I forget the exact exception messages but my guess is that you didn't fill out the "Certificate Chain (optional)" field (this isn't actually optional for this type of certificate).

If that doesn't fix it check your Java version, make sure you are using a recent version of Java 8 (or newer) at least 8u101 I think.

answered May 16 '19 at 14:23

Brian Demers

2,051
1
9
12

1

Thanks so much ! You saved my day ! It was the "optional" certificate chain – Antoine Grenard May 16 '19 at 19:10

SSLHandshakeException Jhipster Okla &LetsEncrypt

1 Answers1