Thursday, December 20, 2012

javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated error in Amazon AWS Java Code

If you're working in Java and accessing Amazon Glacier, S3, etc., you may get this exception:

javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated

I'm not an expert, only an average-IQ programmer.

What I understand is that the Amazon AWS client code is trying to authenticate with Amazon's remote server, but since it does not have its certificate it is giving this exception.

There are two solutions:

  • Disable certificate checking entirely

    You can use some classes to skip certificate checking (link1, link2, link3, link4, link5), but the method below is the simplest in the case of AWS. To do it, just add this flag on the command line when running with java:

    -Dcom.amazonaws.sdk.disableCertChecking=true

    You can search for the string "com.amazonaws.sdk.disableCertChecking" in the AWS API code and you will find it. Or just type this command on Unix/Linux, which will show you the file name: "find . -name '*.java' | xargs egrep com.amazonaws.sdk.disableCertChecking".

    Remember that by using this method you're bypassing security during information transfer; do it only if it is safe to do so with Amazon Glacier, S3, etc.

  • Import the certificate into the keystore. I've never done this, but here are some links to get you started:
    1. Link1
    2. Link2
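
For the second option, an added example (not from the original post and not AWS SDK code): a small Java program that copies the JVM's default trust anchors into a new trust store file and adds one extra certificate, so certificate checking stays enabled. The class name, the "extra-ca" alias, the output file name "merged-truststore" and the "changeit" password are assumptions chosen for illustration.

```java
import java.io.*;
import java.nio.file.*;
import java.security.KeyStore;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.net.ssl.*;

public class MergeTrustStore {
    // X509TrustManager backed by ks; ks == null selects the JVM default trust store.
    static X509TrustManager trustManagerFor(KeyStore ks) throws Exception {
        TrustManagerFactory tmf =
            TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(ks);
        for (TrustManager tm : tmf.getTrustManagers())
            if (tm instanceof X509TrustManager) return (X509TrustManager) tm;
        throw new IllegalStateException("no X509TrustManager available");
    }

    // New in-memory keystore: every default trust anchor plus the one extra certificate.
    static KeyStore withExtra(X509Certificate extra) throws Exception {
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        ks.load(null, null); // start empty; the JVM's own cacerts file is not modified
        int i = 0;
        for (X509Certificate ca : trustManagerFor(null).getAcceptedIssuers())
            ks.setCertificateEntry("default-" + i++, ca);
        ks.setCertificateEntry("extra-ca", extra); // hypothetical alias
        return ks;
    }

    public static void main(String[] args) throws Exception {
        X509Certificate extra;
        if (args.length > 0) { // args[0]: PEM or DER certificate file you decided to trust
            try (InputStream in = Files.newInputStream(Paths.get(args[0]))) {
                extra = (X509Certificate)
                    CertificateFactory.getInstance("X.509").generateCertificate(in);
            }
        } else { // constructed stand-in: reuse one default anchor so this runs offline
            extra = trustManagerFor(null).getAcceptedIssuers()[0];
        }
        KeyStore ks = withExtra(extra);
        Path out = Paths.get(args.length > 1 ? args[1] : "merged-truststore");
        char[] pw = (args.length > 2 ? args[2] : "changeit").toCharArray(); // placeholder
        try (OutputStream os = Files.newOutputStream(out)) {
            ks.store(os, pw);
        }
        // Verification stays on: this context rejects peers that chain to no anchor in ks.
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, new TrustManager[] { trustManagerFor(ks) }, null);
        System.out.println("wrote " + out + " with " + ks.size() + " anchors; added "
            + extra.getSubjectX500Principal().getName());
    }
}
```

Starting the application with -Djavax.net.ssl.trustStore=merged-truststore -Djavax.net.ssl.trustStorePassword=changeit makes code that relies on JSSE's default trust managers validate against the merged store.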
