public void sslKeyStoreTrust() throws IOException, NoSuchAlgorithmException, KeyManagementException, KeyStoreException, CertificateException, NoSuchProviderException {
SSLContext sslContext = SSLContext.getInstance("GostTLS");
KeyStore trustedKeyStore = KeyStore.getInstance("CertStore");
trustedKeyStore.load(new FileInputStream("C:\\Temp\\fincert"), "123456".toCharArray());
TrustManagerFactory tmf = TrustManagerFactory.getInstance("GostX509");
tmf.init(trustedKeyStore);
sslContext.init(null, tmf.getTrustManagers(), SecureRandom.getInstance("CPRandom"));

String token;
String baseUrl = "https://zoe-api.fincert.cbr.ru/";


SSLConnectionSocketFactory factory = new SSLConnectionSocketFactory(sslContext,
(s, sslSession) -> true);

Registry r = RegistryBuilder. create()
.register("https", factory).build();

PoolingHttpClientConnectionManager connPool = new PoolingHttpClientConnectionManager(r);

CloseableHttpClient client = HttpClients.custom().
setConnectionManagerShared(true).
setConnectionManager(connPool).
setSSLSocketFactory(factory).build();

HttpPost httpPost = new HttpPost(baseUrl + "api/v1/account/login");
httpPost.setHeader("Content-Type", "application/json");
httpPost.setEntity(new StringEntity("{\"login\":\"abcde\",\"password\":\"123456\"}"));
CloseableHttpResponse response = client.execute(httpPost);
}

WARNING: main, handling exception: javax.net.ssl.SSLHandshakeException: ru.CryptoPro.ssl.pc_4.cl_5: PKIX path building failed: ru.CryptoPro.reprov.certpath.JCPCertPathBuilderException: unable to find valid certification path to requested target

javax.net.ssl.SSLHandshakeException: ru.CryptoPro.ssl.pc_4.cl_5: PKIX path building failed: ru.CryptoPro.reprov.certpath.JCPCertPathBuilderException: unable to find valid certification path to requested target

at ru.CryptoPro.ssl.cl_2.a(Unknown Source)
at ru.CryptoPro.ssl.SSLSocketImpl.a(Unknown Source)
at ru.CryptoPro.ssl.cl_59.a(Unknown Source)
at ru.CryptoPro.ssl.cl_59.a(Unknown Source)
at ru.CryptoPro.ssl.cl_16.a(Unknown Source)
at ru.CryptoPro.ssl.cl_16.a(Unknown Source)
at ru.CryptoPro.ssl.cl_59.s(Unknown Source)
at ru.CryptoPro.ssl.cl_59.a(Unknown Source)
at ru.CryptoPro.ssl.SSLSocketImpl.a(Unknown Source)
at ru.CryptoPro.ssl.SSLSocketImpl.n(Unknown Source)
at ru.CryptoPro.ssl.SSLSocketImpl.b(Unknown Source)
at ru.CryptoPro.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:436)
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:384)
at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142)
at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:374)
at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:393)
at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)
at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:186)
at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89)
at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:108)
at ru.nsd.SslTest.sslKeyStoreTrust(SslTest.java:65)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:50)
at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12)
at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:47)
at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17)
at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:26)
at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:325)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:78)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:57)
at org.junit.runners.ParentRunner$3.run(ParentRunner.java:290)
at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:71)
at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:288)
at org.junit.runners.ParentRunner.access$000(ParentRunner.java:58)
at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:268)
at org.junit.runners.ParentRunner.run(ParentRunner.java:363)
at org.junit.runner.JUnitCore.run(JUnitCore.java:137)
at com.intellij.junit4.JUnit4IdeaTestRunner.startRunnerWithArgs(JUnit4IdeaTestRunner.java:68)
at com.intellij.rt.execution.junit.IdeaTestRunner$Repeater.startRunnerWithArgs(IdeaTestRunner.java:47)
at com.intellij.rt.execution.junit.JUnitStarter.prepareStreamsAndStart(JUnitStarter.java:242)
at com.intellij.rt.execution.junit.JUnitStarter.main(JUnitStarter.java:70)
Caused by: ru.CryptoPro.ssl.pc_4.cl_5: PKIX path building failed: ru.CryptoPro.reprov.certpath.JCPCertPathBuilderException: unable to find valid certification path to requested target
at ru.CryptoPro.ssl.pc_4.cl_2.a(Unknown Source)
at ru.CryptoPro.ssl.pc_4.cl_2.a(Unknown Source)
at ru.CryptoPro.ssl.pc_4.cl_4.b(Unknown Source)
at ru.CryptoPro.ssl.cl_121.a(Unknown Source)
at ru.CryptoPro.ssl.cl_121.a(Unknown Source)
at ru.CryptoPro.ssl.cl_121.checkServerTrusted(Unknown Source)
... 44 more
Caused by: ru.CryptoPro.reprov.certpath.JCPCertPathBuilderException: unable to find valid certification path to requested target
at ru.CryptoPro.reprov.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
at ru.CryptoPro.reprov.CPCertPathBuilder.engineBuild(Unknown Source)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
... 50 more