Using ssl certificate with feign

I’m trying to acess a apllication secured by https, i have a p12 certificate (already imported as .cer into cacerts folder of my jdk).

I already tried this tutorial to no success:

And also i’m using part of this solution: How to use p12 client certificate with spring feign client

Debuging the ssl connection i get the following error:|ERROR|25|http-nio-auto-1-exec-1|2021-01-26 16:56:34.789 BRT||Fatal (HANDSHAKE_FAILURE): Received fatal alert: handshake_failure

My current feign config class

    public Feign.Builder feignBuilder(Retryer retryer) {
        return Feign.builder().retryer(retryer);
    public Feign.Builder feignBuilder() {
        return Feign.builder()
            .client(new Client.Default(getSSLSocketFactory(), null));
    private SSLSocketFactory getSSLSocketFactory() {
        String keyStorePassword = "myPassword";
        char[] allPassword = keyStorePassword.toCharArray();
        SSLContext sslContext = null;
        try {
            sslContext = SSLContextBuilder
                .loadKeyMaterial(ResourceUtils.getFile("keypath"), allPassword, allPassword)
        } catch (Exception e) {  }
        return sslContext.getSocketFactory();

In the debbuging section of the code i can see my certificate is there, but still my java is getting the handshake error. I’m new to ssl concept and possible did some config wrong.

One last note, when in the feign config class and set the trust store and password by System

         System.setProperty("", "pass");
        System.setProperty("", "pathtocerth.p12");

The error change to this:|ERROR|25|http-nio-auto-1-exec-1|2021-01-26 16:48:58.551 BRT||Fatal (CERTIFICATE_UNKNOWN): PKIX path building failed: unable to find valid certification path to requested target


I’m answering myself since i found out the problem. Case someone face the same issue the solution is quite simple.

Inside application properties you need to add these properties:




Set the feign configuration class

public class CustomFeignConfiguration {

    public void Config() {  
        System.setProperty("", "PKCS12");    
        System.setProperty("", "path to p12");  
        System.setProperty("", "key password"); 

And use the feign config in the feign request

@FeignClient(name = "foo", url = "https://foo/foo",
configuration = CustomFeignConfiguration.class)
public interface IFeingRequest {

request here


With this solution I did NOT need to convert the certificate and store it into java trust store.

Leave a Reply

Your email address will not be published. Required fields are marked *