Question posted in Stack Overflow too: java - How to solve "The certificate is not valid and cannot be used to verify the identity of this website" error? - St…
The question is, How to solve "The certificate is not valid and cannot be used to verify the identity of this website" error?.
Here are the details:
I have a signed applet that has been working fine, until I updated Java to 8u25 (1.8.0_25-b18). Now, the application shows an alert message "Do you want to continue? The connection to this website is untrusted". There is a note in this message too, "
The certificate is not valid and cannot be used to verify the identity of this website".
The applet is loaded without problems. But when the user tries to use a specific function of that application, the warning message is displayed.
I've checked the java console when this happens, and this warning message is displayed right after these lines:
security: Obtain certificate collection in SSL Root CA certificate store
security: Invalid certificate from HTTPS server
network: Cache entry not found [url: https://sub.domain.net:9876, version: null]
The application is downloaded from a different domain, say "https://app.domain.net/ .....", so no jars are downloaded from "https://sub.domain.net:9876 ", but the applet connects to "https://sub.domain.net:9876 " to send/receive data.
The applet is signed correctly, and so far, it meets all the security requirements according to Java. This issue seems to happen when the application tries to connect internally with an HTTPS url like
https://sub.domain.net:9876. That sites' SSL certificate is valid, issued by GoDaddy and has not expired.
Again, this started to happen after updating my JRE to 8u25. I've tested adding the offending URL to Java security exception list, with no success.
Here are a few screenshot of this problem:
This is the warning message displayed: