1 Replies - 617 Views - Last Post: 18 December 2013 - 03:36 PM Rate Topic: ***-- 2 Votes

#1 Crazy_Learner  Icon User is offline

  • D.I.C Head
  • member icon

Reputation: 10
  • View blog
  • Posts: 145
  • Joined: 25-July 09

Trust Anchor Can Not Be Empty Help

Posted 14 December 2013 - 01:36 PM

I have been troubleshooting this all day. I am currently using login.yahoo.com as a test site, not really the site im directly connecting to as this is suppose to be a generalized implementation.

Everything i have results in a trust anchor can not be empty, but i am having trouble making it not empty.
OS: Windows 8.1 x64

Code being Used
// Java Input/Output Imports
import java.io.IOException;
import java.io.DataOutputStream;
import java.io.InputStreamReader;
import java.io.BufferedReader;

// Java Net Imports
import java.net.URL;
import java.net.MalformedURLException;
import java.net.ProtocolException;

// Java Utilities Imports/
import java.util.HashMap;

// Java Secure Socket Layer (SSL) Imports
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;

// Java Security Imports
import java.security.NoSuchAlgorithmException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.KeyManagementException;

public class SecureConnection
{
    private final String webAddress;
    private final String userAgent;
    private final HashMap<String,String> variables;
    private HttpsURLConnection connection = null;
    private TrustManagerFactory trustManager = null;
    private KeyStore keyStore = null;
    
    /**
     * 
     * @param secureWebAddress 
     */
    public SecureConnection(String secureWebAddress)
    {
        this.webAddress = secureWebAddress;
        this.variables = new HashMap<>();
        
        String ua = "Mozilla/5.0 (Windows; U; MSIE 7.0; Windows NT 6.0; en-US)";
        this.userAgent = ua;
        
        this.setupTrustCertificates();
    }

////////////////////////////////////////////////////////////////////////////////
//                         Information Management
////////////////////////////////////////////////////////////////////////////////    
    
    /**
     * 
     */
    public void sendPost() 
    {
        this.checkConnectionStatus();
        
        try
        {
            this.connection.setRequestMethod("POST");
            this.connection.setRequestProperty("User-Agent", this.userAgent);
            this.connection.setRequestProperty("Accept-Language", "en-US");
            this.connection.setDoOutput(true);
        }
        catch(ProtocolException pe)
        {
            this.handleException(pe);
        }
        
        DataOutputStream writer = null;
        
        try
        {
            writer = new DataOutputStream((this.connection.getOutputStream()));
            writer.writeBytes(this.getVariableString());
        }
        catch(IOException ioe)
        {
            this.handleException(ioe);
        }
        finally
        {
            try
            {
                if(writer != null)
                {
                    writer.flush();
                    writer.close();
                }
            }
            catch(IOException | NullPointerException ionpe)
            {
                this.handleException(ionpe);
            }
        }
    }
    
    /**
     * 
     */
    public void sendGet() 
    {
        this.checkConnectionStatus();
        
        DataOutputStream writer = null;
        
        try
        {
            this.connection.setRequestMethod("GET");
            this.connection.setRequestProperty("User-Agent", this.userAgent);
            this.connection.setRequestProperty("Accept-Language", "en-US");
            
            writer = new DataOutputStream(this.connection.getOutputStream());
            writer.writeBytes(this.getVariableString());
        }
        catch(ProtocolException pe)
        {
            this.handleException(pe);
        }
        catch(IOException ioe)
        {
            this.handleException(ioe);
        }
        finally
        {
            try
            {
                if(writer != null)
                {
                    writer.flush();
                    writer.close();
                }
            }
            catch(IOException ioe)
            {
                this.handleException(ioe);
            }
        }
    }
    
    /**
     * 
     * @param variableKey
     * @param variableValue 
     */
    public void addVariable(String variableKey, String variableValue)
    {
        this.variables.put(variableKey, variableValue);
    }
   
////////////////////////////////////////////////////////////////////////////////
//                            Connection Control
////////////////////////////////////////////////////////////////////////////////
    
    /**
     * 
     * @throws IllegalArgumentException 
     */
    private void checkConnectionStatus() throws IllegalArgumentException
    {
        // Check if connection is null
        if(this.connection == null)
        {
            throw new IllegalArgumentException("Can not have null connection"); 
        }
    }
    
    /**
     * 
     */
    public void openConnection()
    {
        try
        {
            URL secureUrl = new URL(this.webAddress);
            this.connection = (HttpsURLConnection) secureUrl.openConnection();
            
            // Load Key store
            if(this.keyStore == null)
            {
                this.keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                this.setTrustManager(this.trustManager, keyStore);
                System.out.println(System.getProperty("javax.net.ssl.trustStore"));
            }
            
            // Specify TLS connection type
            SSLContext sslContext = SSLContext.getInstance("TLS");
            sslContext.init(null, this.trustManager.getTrustManagers(), null);
            SSLSocketFactory factory = sslContext.getSocketFactory();
            //factory.createSocket(this.webAddress, 443);
            
            // Set the settings
            this.connection.setSSLSocketFactory(factory);
            
        }
        catch(MalformedURLException mfe)
        {
            this.handleException(mfe);
        }
        catch(IOException | NoSuchAlgorithmException e)
        {
            this.handleException(e);
        }
        catch(KeyManagementException | KeyStoreException kme)
        {
            this.handleException(kme);
        }
    }

////////////////////////////////////////////////////////////////////////////////
//                           Response Management
////////////////////////////////////////////////////////////////////////////////
    
    /**
     * 
     * @return 
     */
    @SuppressWarnings("unused")
    public String getResponse()
    {
        InputStreamReader input = null;
        BufferedReader reader = null;
        StringBuilder connectionResponse = new StringBuilder();
        
        try
        {
            if(this.connection.getResponseCode() != 200)
            {
                int response = this.connection.getResponseCode();
                throw new IOException("Server Code: " + response);
            }
            
            input = new InputStreamReader(this.connection.getInputStream());
            reader = new BufferedReader(input);
            
            String tempInputString;
            
            while( (tempInputString = reader.readLine()) != null )
            {
                connectionResponse.append(tempInputString);
            }
        }
        catch(ProtocolException pe)
        {
            this.handleException(pe);
        }
        catch(IOException ioe)
        {
            this.handleException(ioe);
        }
        finally
        {
            try
            {
                if(reader != null)
                {
                    reader.close();
                }
                
                if(input != null)
                {
                    input.close();
                }
            }
            catch(IOException ioe)
            {
                this.handleException(ioe);
            }
        }
        
        return connectionResponse.toString();
    }
 
////////////////////////////////////////////////////////////////////////////////
//                              String Methods
////////////////////////////////////////////////////////////////////////////////
    
    /**
     * 
     * @return 
     */
    private String getVariableString()
    {
        String variableString = "";
        
        for(String key : this.variables.keySet())
        {
            variableString += key + "=" + this.variables.get(key) + "&";
        }
        
        return variableString;
    }
    
    /**
     * 
     * @return 
     */
    @Override
    public String toString()
    {
        StringBuilder variablePrint = new StringBuilder();
        for(String key : this.variables.keySet())
        {
            variablePrint.append(key)
                         .append(this.variables.get(key))
                         .append("\n");
        }
        
        return variablePrint.toString();
    }

////////////////////////////////////////////////////////////////////////////////
//                          Certificate Management
////////////////////////////////////////////////////////////////////////////////
    
    /**
     * 
     * @param tmf 
     * @param keys 
     */
    public void setTrustManager(TrustManagerFactory tmf, KeyStore keys)
    {
        try
        {
            this.trustManager = tmf;
            this.trustManager.init(keys);
        }
        catch(KeyStoreException kse)
        {
            this.handleException(kse);
        }
    }
    
    /**
     * 
     */
    private void setupTrustCertificates()
    {
        try
        {
            String ca = "C:\\Program Files\\Java\\jre7\\lib\\security\\cacerts";
            System.setProperty("javax.net.ssl.trustStore", ca);
            
            String stdAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
            this.trustManager = TrustManagerFactory.getInstance(stdAlgorithm);
        }
        catch(NoSuchAlgorithmException nsae)
        {
            this.handleException(nsae);
        }
    }
 
////////////////////////////////////////////////////////////////////////////////
//                              Exception Manager
////////////////////////////////////////////////////////////////////////////////
    
    /**
     * 
     * @param e 
     */
    @SuppressWarnings("CallToThreadDumpStack")
    private void handleException(Exception e)
    {
        System.err.println(e.getMessage());
        e.printStackTrace();
    }
    
////////////////////////////////////////////////////////////////////////////////
//                                  MAIN METHOD
////////////////////////////////////////////////////////////////////////////////
    public static void main(String[] arguments)
    {
        
        SecureConnection connect;
        connect = new SecureConnection("https://login.yahoo.com/");
        connect.openConnection();
        System.out.print(connect.getResponse());
    }



Output
java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
	at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
	at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1884)
	at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1842)
	at sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1825)
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1346)
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323)
	at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)
	at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
	at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1300)
	at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:468)
	at sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(HttpsURLConnectionImpl.java:338)
	at utilities.web.connection.SecureConnection.getResponse(SecureConnection.java:439)
	at utilities.web.connection.SecureConnection.main(SecureConnection.java:587)
Caused by: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
	at sun.security.validator.PKIXValidator.<init>(PKIXValidator.java:90)
	at sun.security.validator.Validator.getInstance(Validator.java:179)
	at sun.security.ssl.X509TrustManagerImpl.getValidator(X509TrustManagerImpl.java:314)
	at sun.security.ssl.X509TrustManagerImpl.checkTrustedInit(X509TrustManagerImpl.java:173)
	at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:186)
	at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126)
	at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1323)
	at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:153)
	at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868)
	at sun.security.ssl.Handshaker.process_record(Handshaker.java:804)
	at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016)
	at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312)
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339)
	... 8 more
Caused by: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
	at java.security.cert.PKIXParameters.setTrustAnchors(PKIXParameters.java:200)
	at java.security.cert.PKIXParameters.<init>(PKIXParameters.java:120)
	at java.security.cert.PKIXBuilderParameters.<init>(PKIXBuilderParameters.java:104)
	at sun.security.validator.PKIXValidator.<init>(PKIXValidator.java:88)
	... 20 more



Is This A Good Question/Topic? 0
  • +

Replies To: Trust Anchor Can Not Be Empty Help

#2 Crazy_Learner  Icon User is offline

  • D.I.C Head
  • member icon

Reputation: 10
  • View blog
  • Posts: 145
  • Joined: 25-July 09

Re: Trust Anchor Can Not Be Empty Help

Posted 18 December 2013 - 03:36 PM

Its been a few days, and the only thing i have come up with is to create a class that implements TrustManager and override the methods to return null to accept all certificates, but this is not the desired effect. any ideas ?
Was This Post Helpful? 0
  • +
  • -

Page 1 of 1