How to Fix a HttpClients.createDefault() Error on Linux

Linux
Written by Karna Sodari

When I first started using Apache HttpClient in Java, I thought it would be smooth sailing across platforms. My little test program worked perfectly on Windows, but as soon as I deployed it to my Linux server, everything fell apart with a frustrating SSL error.

The Original Code

Here’s the basic program I was running:

import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;

public class HttpTest2 {
    public static void main(String[] args) {
        CloseableHttpClient httpclient = HttpClients.createDefault();
        System.out.println("HttpClient created successfully!");
    }
}

On Windows, this worked fine and happily printed:

HttpClient created successfully!

But on Linux, it blew up with this ugly exception:

Exception in thread "main" org.apache.http.ssl.SSLInitializationException: TLS SSLContext not available
    at org.apache.http.ssl.SSLContexts.createDefault(SSLContexts.java:58)
    ...
Caused by: java.security.NoSuchAlgorithmException: TLS SSLContext not available

Why the Error Happen

The culprit was not my code it was the environment. Linux and Windows don’t handle SSL/TLS the same way.

The root problem was this line in the HttpClient internals:

SSLContext sslcontext = SSLContext.getInstance("TLS");

On my Linux server, SSLContext.getInstance("TLS") failed because "TLS" wasn’t available. This can happen for several reasons:

  • JDK mismatch – My Linux server was running jdk1.8.0_101, which is pretty old. Modern TLS providers weren’t included.
  • Missing cryptography libraries – Linux depends on OpenSSL for cryptography. If libssl is missing, TLS won’t work.
  • Security policy differences – Windows may allow weaker protocols, but Linux can be stricter and block them.

How I Fix It

After some digging and frustration, I found a reliable fix. Here’s what worked for me:

Update JDK

I upgraded from JDK 1.8.0_101 to 1.8.0_191+. Later builds include better TLS support.

Install OpenSSL on Linux

sudo apt-get update
sudo apt-get install openssl libssl-dev

This ensured the system had proper cryptography libraries.

Force a Supported TLS Version in Code

Instead of relying on the default "TLS", I explicitly requested TLSv1.2:

import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.ssl.SSLContextBuilder;

import javax.net.ssl.SSLContext;

public class HttpTest2 {
    public static void main(String[] args) throws Exception {
        // Explicitly request TLSv1.2
        SSLContext sslContext = SSLContextBuilder.create()
                .setProtocol("TLSv1.2")
                .build();

        CloseableHttpClient httpclient = HttpClients.custom()
                .setSSLContext(sslContext)
                .build();

        System.out.println("HttpClient created with TLSv1.2 successfully!");
    }
}

And just like that the error disappeared on Linux!

Adding More Functionality

Since I had the client working, I wanted to extend the project to make it do something useful. Instead of just printing a message, I made it perform a real HTTPS request.

import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.util.EntityUtils;

public class HttpTest2 {
    public static void main(String[] args) throws Exception {
        SSLContext sslContext = SSLContextBuilder.create()
                .setProtocol("TLSv1.2")
                .build();

        try (CloseableHttpClient httpclient = HttpClients.custom()
                .setSSLContext(sslContext)
                .build()) {

            HttpGet request = new HttpGet("https://www.google.com");
            try (CloseableHttpResponse response = httpclient.execute(request)) {
                String result = EntityUtils.toString(response.getEntity());
                System.out.println("Response status: " + response.getStatusLine());
                System.out.println("Response body: " + result.substring(0, 200) + "...");
            }
        }
    }
}

What this added:

  • Built a custom HttpClient with TLSv1.2
  • Performed a real HTTPS GET request
  • Printed the status code and first 200 characters of the response body

The moment I saw a live response from Google, I knew my Linux SSL problem was truly solved.

Final Thought

In short, the HttpClients.createDefault() error on Linux comes down to environment differences, not broken code. By updating the JDK, ensuring OpenSSL is installed, and explicitly setting a TLS version, I was able to fix the issue and make my HttpClient reliable across platforms. The experience reminded me that cross-platform Java development often requires paying close attention to underlying system libraries and security providers.

Related blog posts

Load more

FSIBlog stands for Future Stack Innovations Blog, a free resource Initiative by Programmatic LLC.

Know More About FSIBLOG
Useful Pages

2024 © FSIBLOG. All Rights Reserved.