I am accessing a web service. When I go to the web service's URL in my browser, the certificate is signed and automatically is accepted.
What I don't understand is that when I use Java to access the web service I get something along the lines of:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
I would imagine this means that the certificate is not signed, but it is.
Doesn't com.sun.net.ssl.internal.ssl go to the certificate authority automatically and check if the certificate is signed? If not, is there something I need to set up in addition in order to do this?
There is more checking than just the signature. The certificate authority that produced the signature must be validated, among other things. Java's list of trusted certificate authorities is different than your browser's. You may need to download the CA cert with your browser and install it with Java's keytool.