My boarding school uses its own custom root certificate. Minecraft is not blocked, but the system has a tendency of being extremely temperamental with the login server. Its fine to keep trying to login but if there was a way of manually signing the minecraft certificate or connecting to login via a proxy it would save a lot of hassle. My Java does not need to be reinstalled
Minecraft is not blocked, just the ssl to the login messes up. We have similar problems with other popular sites such as Google and Facebook.
Error:
[21:07:19 INFO]: Logging in with username & password
[21:07:19 ERROR]: Couldn't log in
com.mojang.authlib.exceptions.AuthenticationUnavailableException: Cannot contact authentication server
at com.mojang.authlib.yggdrasil.YggdrasilAuthenticationService.makeRequest(YggdrasilAuthenticationService.java:58) ~[launcher.jar:?]
at com.mojang.authlib.yggdrasil.YggdrasilUserAuthentication.logInWithPassword(YggdrasilUserAuthentication.java:74) ~[launcher.jar:?]
at com.mojang.authlib.yggdrasil.YggdrasilUserAuthentication.logIn(YggdrasilUserAuthentication.java:57) ~[launcher.jar:?]
at net.minecraft.launcher.ui.popups.login.LogInForm$4.run(LogInForm.java:173) [launcher.jar:?]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [?:1.7.0_25]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) [?:1.7.0_25]
at java.lang.Thread.run(Thread.java:724) [?:1.7.0_25]
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) ~[?:1.7.0_25]
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1886) ~[?:1.7.0_25]
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276) ~[?:1.7.0_25]
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270) ~[?:1.7.0_25]
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1341) ~[?:1.7.0_25]
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:153) ~[?:1.7.0_25]
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868) ~[?:1.7.0_25]
at sun.security.ssl.Handshaker.process_record(Handshaker.java:804) ~[?:1.7.0_25]
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016) ~[?:1.7.0_25]
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312) ~[?:1.7.0_25]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339) ~[?:1.7.0_25]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323) ~[?:1.7.0_25]
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:515) ~[?:1.7.0_25]
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) ~[?:1.7.0_25]
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1090) ~[?:1.7.0_25]
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250) ~[?:1.7.0_25]
at com.mojang.authlib.HttpAuthenticationService.performPostRequest(HttpAuthenticationService.java:73) ~[launcher.jar:?]
at com.mojang.authlib.yggdrasil.YggdrasilAuthenticationService.makeRequest(YggdrasilAuthenticationService.java:41) ~[launcher.jar:?]
... 6 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385) ~[?:1.7.0_25]
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292) ~[?:1.7.0_25]
at sun.security.validator.Validator.validate(Validator.java:260) ~[?:1.7.0_25]
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326) ~[?:1.7.0_25]
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231) ~[?:1.7.0_25]
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126) ~[?:1.7.0_25]
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1323) ~[?:1.7.0_25]
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:153) ~[?:1.7.0_25]
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868) ~[?:1.7.0_25]
at sun.security.ssl.Handshaker.process_record(Handshaker.java:804) ~[?:1.7.0_25]
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016) ~[?:1.7.0_25]
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312) ~[?:1.7.0_25]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339) ~[?:1.7.0_25]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323) ~[?:1.7.0_25]
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:515) ~[?:1.7.0_25]
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) ~[?:1.7.0_25]
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1090) ~[?:1.7.0_25]
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250) ~[?:1.7.0_25]
at com.mojang.authlib.HttpAuthenticationService.performPostRequest(HttpAuthenticationService.java:73) ~[launcher.jar:?]
at com.mojang.authlib.yggdrasil.YggdrasilAuthenticationService.makeRequest(YggdrasilAuthenticationService.java:41) ~[launcher.jar:?]
... 6 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196) ~[?:1.7.0_25]
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:268) ~[?:1.7.0_25]
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380) ~[?:1.7.0_25]
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292) ~[?:1.7.0_25]
at sun.security.validator.Validator.validate(Validator.java:260) ~[?:1.7.0_25]
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326) ~[?:1.7.0_25]
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231) ~[?:1.7.0_25]
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126) ~[?:1.7.0_25]
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1323) ~[?:1.7.0_25]
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:153) ~[?:1.7.0_25]
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868) ~[?:1.7.0_25]
at sun.security.ssl.Handshaker.process_record(Handshaker.java:804) ~[?:1.7.0_25]
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016) ~[?:1.7.0_25]
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312) ~[?:1.7.0_25]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339) ~[?:1.7.0_25]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323) ~[?:1.7.0_25]
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:515) ~[?:1.7.0_25]
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) ~[?:1.7.0_25]
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1090) ~[?:1.7.0_25]
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250) ~[?:1.7.0_25]
at com.mojang.authlib.HttpAuthenticationService.performPostRequest(HttpAuthenticationService.java:73) ~[launcher.jar:?]
at com.mojang.authlib.yggdrasil.YggdrasilAuthenticationService.makeRequest(YggdrasilAuthenticationService.java:41) ~[launcher.jar:?]
... 6 more
If anyone has any advice, or ideas on how to solve the problem please tell me.
So your school is conducting man-in-the-middle attacks against the students secure encrypted connections?
Do they realize the liability the are in if, for example, you were using SSL to talk to your doctor's web site and transmit PII that is protected by Federal HIPAA laws? [assuming you are in the US]
Why exactly do they feel the need to steal passwords, PIN numbers, SSNs, account numbers and other such things that are being protected by SSL connections?
If despite the fact that this is all very very wrong and of dubious legality, you can import their certificate using the information available here: http://wiki.cacert.org/FAQ/ImportRootCert
Concerning morality that is not an issue I am concerned by now, as there is no other way to use https sites. I already have the certificate imported into my key chain as it is required to use an SSL on the network. The only time when I need to bypass it is with Minecraft login. or perhaps import the certificate into java manually. Do you have any ideas?
Minecraft is not blocked, just the ssl to the login messes up. We have similar problems with other popular sites such as Google and Facebook.
Error:
[21:07:19 INFO]: Logging in with username & password
[21:07:19 ERROR]: Couldn't log in
com.mojang.authlib.exceptions.AuthenticationUnavailableException: Cannot contact authentication server
at com.mojang.authlib.yggdrasil.YggdrasilAuthenticationService.makeRequest(YggdrasilAuthenticationService.java:58) ~[launcher.jar:?]
at com.mojang.authlib.yggdrasil.YggdrasilUserAuthentication.logInWithPassword(YggdrasilUserAuthentication.java:74) ~[launcher.jar:?]
at com.mojang.authlib.yggdrasil.YggdrasilUserAuthentication.logIn(YggdrasilUserAuthentication.java:57) ~[launcher.jar:?]
at net.minecraft.launcher.ui.popups.login.LogInForm$4.run(LogInForm.java:173) [launcher.jar:?]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [?:1.7.0_25]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) [?:1.7.0_25]
at java.lang.Thread.run(Thread.java:724) [?:1.7.0_25]
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) ~[?:1.7.0_25]
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1886) ~[?:1.7.0_25]
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276) ~[?:1.7.0_25]
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270) ~[?:1.7.0_25]
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1341) ~[?:1.7.0_25]
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:153) ~[?:1.7.0_25]
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868) ~[?:1.7.0_25]
at sun.security.ssl.Handshaker.process_record(Handshaker.java:804) ~[?:1.7.0_25]
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016) ~[?:1.7.0_25]
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312) ~[?:1.7.0_25]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339) ~[?:1.7.0_25]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323) ~[?:1.7.0_25]
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:515) ~[?:1.7.0_25]
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) ~[?:1.7.0_25]
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1090) ~[?:1.7.0_25]
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250) ~[?:1.7.0_25]
at com.mojang.authlib.HttpAuthenticationService.performPostRequest(HttpAuthenticationService.java:73) ~[launcher.jar:?]
at com.mojang.authlib.yggdrasil.YggdrasilAuthenticationService.makeRequest(YggdrasilAuthenticationService.java:41) ~[launcher.jar:?]
... 6 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385) ~[?:1.7.0_25]
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292) ~[?:1.7.0_25]
at sun.security.validator.Validator.validate(Validator.java:260) ~[?:1.7.0_25]
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326) ~[?:1.7.0_25]
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231) ~[?:1.7.0_25]
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126) ~[?:1.7.0_25]
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1323) ~[?:1.7.0_25]
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:153) ~[?:1.7.0_25]
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868) ~[?:1.7.0_25]
at sun.security.ssl.Handshaker.process_record(Handshaker.java:804) ~[?:1.7.0_25]
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016) ~[?:1.7.0_25]
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312) ~[?:1.7.0_25]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339) ~[?:1.7.0_25]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323) ~[?:1.7.0_25]
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:515) ~[?:1.7.0_25]
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) ~[?:1.7.0_25]
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1090) ~[?:1.7.0_25]
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250) ~[?:1.7.0_25]
at com.mojang.authlib.HttpAuthenticationService.performPostRequest(HttpAuthenticationService.java:73) ~[launcher.jar:?]
at com.mojang.authlib.yggdrasil.YggdrasilAuthenticationService.makeRequest(YggdrasilAuthenticationService.java:41) ~[launcher.jar:?]
... 6 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196) ~[?:1.7.0_25]
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:268) ~[?:1.7.0_25]
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380) ~[?:1.7.0_25]
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292) ~[?:1.7.0_25]
at sun.security.validator.Validator.validate(Validator.java:260) ~[?:1.7.0_25]
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326) ~[?:1.7.0_25]
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231) ~[?:1.7.0_25]
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126) ~[?:1.7.0_25]
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1323) ~[?:1.7.0_25]
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:153) ~[?:1.7.0_25]
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868) ~[?:1.7.0_25]
at sun.security.ssl.Handshaker.process_record(Handshaker.java:804) ~[?:1.7.0_25]
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016) ~[?:1.7.0_25]
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312) ~[?:1.7.0_25]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339) ~[?:1.7.0_25]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323) ~[?:1.7.0_25]
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:515) ~[?:1.7.0_25]
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) ~[?:1.7.0_25]
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1090) ~[?:1.7.0_25]
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250) ~[?:1.7.0_25]
at com.mojang.authlib.HttpAuthenticationService.performPostRequest(HttpAuthenticationService.java:73) ~[launcher.jar:?]
at com.mojang.authlib.yggdrasil.YggdrasilAuthenticationService.makeRequest(YggdrasilAuthenticationService.java:41) ~[launcher.jar:?]
... 6 more
If anyone has any advice, or ideas on how to solve the problem please tell me.
Do they realize the liability the are in if, for example, you were using SSL to talk to your doctor's web site and transmit PII that is protected by Federal HIPAA laws? [assuming you are in the US]
Why exactly do they feel the need to steal passwords, PIN numbers, SSNs, account numbers and other such things that are being protected by SSL connections?
If despite the fact that this is all very very wrong and of dubious legality, you can import their certificate using the information available here: http://wiki.cacert.org/FAQ/ImportRootCert