Authentication when using RESTful-WS with Jersey

Ok - I already got somewhat further, using JAX-RS 2.1 and Jersey 2.7:
My Java code is:

webTarget =;
webTarget = webTarget.path(“CodeSystem”).path(“$lookup”);
webTarget = webTarget.queryParam(“system”, “”);
webTarget = webTarget.queryParam(“code”, loincCode);
webTarget =, userName)
.property(HttpAuthenticationFeature.HTTP_AUTHENTICATION_BASIC_PASSWORD, passWord);
String answer = webTarget.request(MediaType.APPLICATION_JSON).get(String.class);

giving the exception:
Exception in thread “main”
PKIX path building failed:
unable to find valid certification path to requested target

indicating that the authentication somehow doesn’t get trough.

So, essentially: how should I pass username and password to the request?

Many thanks in advance,


Hi Jozef,

I’m not a Java developer but I did find this potential solution:

Please let me know if this remedies your situation.


Can it be that the server certificate is a self-signed one? That could explain a lot of things!

Essentially, the cause of the problems is that the server certificate is not trusted.
A work-around (not for production!) is that a Client is generated that trusts all certificates, e.g. using the class “SslTrustAllRestClient” that can be found at:
For this class, you will need the following imports:

It is then used as follows (example using Jersey 2.6/2.7)

// create a REST client that trusts all certificates (NOT for production!)
SslTrustAllRestClient s = new SslTrustAllRestClient();
Client client = s.createClient();
// the base URI
String BASE_URI = “”;
// Add authentication (LOINC username and password)
HttpAuthenticationFeature feature = HttpAuthenticationFeature.basic(userName, passWord);

// start a query
// here, it corresponds to: <code class=“http copy hljs”><span class=“hljs-attribute”>$lookup?system=;code=1751-7&lt;/span&gt;

String loincCode = “1751-7”
webTarget =;
webTarget = webTarget.path(“CodeSystem”).path(“$lookup”);
webTarget = webTarget.queryParam(“system”, new String[] {“”});
webTarget = webTarget.queryParam(“code”, new String[] {loincCode});
String answer = (String)webTarget.request(new String[]{MediaType.APPLICATION_XML}).get(String.class);

IMPORTANT: in applications, always add a “MediaType” as the default is … HTML (i.e. the “website”) which of course doesn’t make sense in applications.

If the server’s certificate is self-signed, please consider a real one, that would make everything much easier.
Best regards
Jozef Aerts, XML4Pharma (mail address easy to find if someone wants to get in contact … :slight_smile: )

@Jozef - No, the certificate for is signed by Let’s Encrypt.

Thanks Tim,
That is good to hear - so it must be something else.
Reason is that I developed a good amount of other RESTful clients that work with https and where there is no problem.
I could of course download the certificate and put it in the Java keystore, but that would make the application non-portable and hard to deploy for non-specialists.

However, it works for me right now and I can start exploring these wonderful services!

Many thanks for your support!