Problem:
I have been back and forth for the last week or so trying to configure my Scala+AKKA client to be able to send message to a server running NGINX.
I keep getting the error:
javax.net.ssl.SSLHandshakeException: (certificate_unknown)
Setup:
nginx config:
server {
listen 443 ssl default_server;
listen [::]:443 ssl default_server;
server_name localhost;
ssl_certificate /home/hydra/.localhost-ssl/localhost.crt; //<- combined certificates (server_cert + rootCA)
ssl_certificate_key /home/hydra/.localhost-ssl/localhost-key.key;
ssl_trusted_certificate /home/hydra/.localhost-ssl/rootCA.crt; //<- just the rootCA
index index.html index.htm;
root /home/hydra/ui/;
location / {
try_files $uri.html $uri/index.html
@public
@nextjs;
add_header Cache-Control "public, max-age=3600";
}
location @public {
add_header Cache-Control "public, max-age=3600";
}
location /ping {
proxy_pass http://localhost:8080;
}
location @nextjs {
proxy_pass http://localhost:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Host $remote_addr;
}
}
client request:
private val sslContext: SSLContext = SSLManager.getClientSSLContext
private val connectionContext = ConnectionContext.httpsClient(sslContext)
...
val request = HttpRequest(method = HttpMethods.GET, uri = s"https://${server.serverIP}/ping")
http.singleRequest(request, connectionContext).pipeTo(self)
createClientContext:
def getClientSSLContext: SSLContext = {
val keyStore = KeyStore.getInstance("JKS")
keyStore.load(null, null) // Create an empty keystore
keyStore.setCertificateEntry("rootCA", loadRootCertificate())
// Set up a TrustManager that trusts the root CA certificate
val trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm)
trustManagerFactory.init(keyStore)
val trustManagers = trustManagerFactory.getTrustManagers
// Create an SSLContext with the custom TrustManager
val sslContext = SSLContext.getInstance("TLS")
sslContext.init(null, trustManagers, new SecureRandom())
sslContext
}
Writing rootCA to file:
val rootCA = new StringBuilder()
rootCA.append("-----BEGIN CERTIFICATE-----\n")
rootCA.append(Base64.getEncoder.encodeToString(rootCACertificate.getEncoded))
rootCA.append("\n-----END CERTIFICATE-----")
writeFile(ROOT_CA_PATH, Seq(rootCA.toString))
How I create the signed server certificate:
def createCSR(keyPair: KeyPair, subject: String, keyAlgorithm: String): PKCS10CertificationRequest = {
val csrGen = new PKCS10CertificationRequestBuilder(new X500Name(subject), SubjectPublicKeyInfo.getInstance(keyPair.getPublic.getEncoded))
val signer = new JcaContentSignerBuilder("SHA256with" + keyAlgorithm).build(keyPair.getPrivate)
csrGen.build(signer)
}
// Sign the CSR with the root CA's private key to generate a certificate
def signCertificate(csr: PKCS10CertificationRequest, rootCACertificate: X509Certificate, rootCAPrivateKey: PrivateKey): X509Certificate = {
val notBefore = new Date()
val notAfter = new Date(notBefore.getTime + 36500L * 24 * 60 * 60 * 1000) // Valid for 1 year
val certGen = new X509v3CertificateBuilder(
new X500Name("CN=Hydra SSL Certificate"),
new BigInteger(128, new Random()),
notBefore,
notAfter,
csr.getSubject,
csr.getSubjectPublicKeyInfo
)
// Add SubjectAlternativeName (SAN) extension
val sanNames = Array[GeneralName](
new GeneralName(GeneralName.iPAddress, SERVER_IP)
)
val generalNames = new GeneralNames(sanNames)
certGen.addExtension(Extension.subjectAlternativeName, false, generalNames)
// Sign with root CA's private key
val signer = new JcaContentSignerBuilder("SHA256withRSA").build(rootCAPrivateKey)
val certificateHolder: X509CertificateHolder = certGen.build(signer)
// Convert to a JCE certificate
val converter = new JcaX509CertificateConverter().setProvider("BC")
converter.getCertificate(certificateHolder)
}
...
// Step 1: Load Root CA certificate and private key
val rootCACertificate = loadRootCertificate()
val rootCAPrivateKey = loadRootPrivateKey()
// Step 2: Generate new key pair for SSL certificate
val keyPair = generateKey("RSA")
// Step 3: Create CSR (Certificate Signing Request)
val csr = createCSR(keyPair, s"CN=hydra_server_$SERVER_ID, O=Hydra, C=UK", "RSA")
// Step 4: Sign the CSR with the Root CA to generate the SSL certificate
val sslCertificate = signCertificate(csr, rootCACertificate, rootCAPrivateKey)
What I've Tried:
After consulting chatGPT, I tried the command openssl s_client -connect 192.168.0.4:443 -showcerts
The output of this command can be found here.
This helped me to verify that nginx is in fact sending the entire chain, in the correct order (can be confirmed by date - the rootCA (certificate 1 in the output) was generated on 7/2/2025, the server certificate (certificate 0) was generated today.
So what am I doing wrong/missing from my setup?
The name of your CA is C=UK, ST=London, L=London, O=Hydra, OU=Hydra, CN=Hydra but the issuer name in your server cert is different; it is instead CN=Hydra SSL Certificate. As a result the cert validator can't link the server cert to the CA cert and validation fails.
The first argument to X509v3CertificateBuilder should be the subject name from the parent (here root) cert, converted from base-Java X500Principal type to BouncyCastle X500Name type in the same way you are already converting SPKI; for an example see (my) https://security.stackexchange.com/questions/179526/how-to-import-plain-public-key-into-java-keystore
Also, in PEM format the base64 body is supposed to be broken into lines of 64 chars (except the last); see RFC 7468 section 2. nginx uses OpenSSL, and older versions of OpenSSL would utterly fail on the single long line you write. Since 2012 OpenSSL supports longer base64 lines, but not unbounded, and thus writing this format may fail sometimes depending on your data. Other software varies, so the same file may appear to be both valid and invalid simultaneously. The easiest way to avoid this is to use Base64.getMimeEncoder() which breaks into lines of 76 chars per MIME standards which are conceptually similar to PEM; even the oldest OpenSSL handled 76, and I've never encountered anything else that doesn't.