zaproxy: Provide better error message when cert path validation fails

What steps will reproduce the problem?
1.Open Zap
2.In help check for updates
3.Observe the popup dialog, OWASP ZAP unable to securely access the check for updates
service

What is the expected output? What do you see instead?
I should be able to check for updates

What version of the product are you using? On what operating system?
2.4.0 on windows 8.1

Please provide any additional information below.

Original issue reported on code.google.com by Duncan_jason@hotmail.com on 2015-05-05 09:38:28

About this issue

Original URL
State: closed
Created 9 years ago
Comments: 26 (19 by maintainers)

Commits related to this issue

chore: autoupdate: Tweak Warning Dialog Message Per: https://github.com/zaproxy/zap-extensions/pull/3732#issuecomment-1102625075 Related to: zaproxy/zaproxy#1623 Signed-off-by: kingthorin <kingthor... — committed to kingthorin/zaproxy by kingthorin 2 years ago

Most upvoted comments

I experienced this in a corporate environment. My Java installation was missing a certificate that my browser had access to via the Windows certificate store. I accessed https://raw.githubusercontent.com/zaproxy/zap-admin/master/ZapVersions-2.8.xml in the browser to find the CA certificate in question, opened the certificate and exported using Copy to file… (DER-encoded binary X.509 (.CER)) on the Details tab. Imported to the Java 8 runtime’s trust store using (from the JRE root dir):

bin\keytool -importcert -trustcacerts -file <cer-file> -alias <...> -keystore lib\security\cacerts

knutsiem on Sep 18, 2019

This can be reproduced with a custom/empty keystore.

thc202 on May 21, 2018