Since you are dealing with Secure Connections, you are stepping into the area of Certificates.
Java thinks that your Server is not trusted. You could understand that from the stack traces.
You have two choices here. You can let your program to ignore the Certificate Validation. You will need to execute this code only once before you call addURL.
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import javax.net.ssl.*;
private TrustManager[] getBypassingTrustManager()
{
TrustManager[] certs = new TrustManager[]
{
new X509TrustManager()
{
public X509Certificate[] getAcceptedIssuers()
{
return null;
}
public void checkClientTrusted(X509Certificate[] certs, String t)
{
}
public void checkServerTrusted(X509Certificate[] certs, String t)
{
}
}
};
return certs;
}
SSLContext sslCtx = SSLContext.getInstance("SSL");
TrustManager trustManager[] = getBypassingTrustManager();
sslCtx.init(null, trustManager, new SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sslCtx.getSocketFactory());
The above approach is not great in the sense of Security. Far better if you learn how Java Keystores work (java.security.KeyStore). Instead of ignoring Certificate Validation, you can keep the Certificate from your Server in a Keystore file. Your application can then load your keystore, which makes Java trusting your Servers.