DocuSignAPI:无法找到被请求目标的有效证书路径

Question

我试图在DocuSign API工作流(http://iodocs.docusign.com/APIWalkthrough/requestSignatureFromDocument)中运行示例程序，以发送一个简单的文档来请求签名。我用我的值替换了程序中选定的变量(integratorKey通过docContentType)，并在上周成功地发送了请求。然而，今天，当我运行示例程序时(特别是在第65行，在第65行调用conn.getResponseCode()方法)时，我会遇到“无法找到被请求目标的有效证书路径”错误。完整的堆栈跟踪如下：

Exception in thread "main" javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
    at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1884)
    at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276)
    at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270)
    at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1341)
    at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:153)
    at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868)
    at sun.security.ssl.Handshaker.process_record(Handshaker.java:804)
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016)
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323)
    at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)
    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
    at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1300)
    at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:468)
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(HttpsURLConnectionImpl.java:338)
    at com.helloworld.RequestSignatureDocument.main(RequestSignatureDocument.java:62)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385)
    at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
    at sun.security.validator.Validator.validate(Validator.java:260)
    at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326)
    at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231)
    at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126)
    at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1323)
    ... 13 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196)
    at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:268)
    at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380)
    ... 19 more

我在DocuSign DevZone归档中查找了这个错误，并找到了以下参考：http://community.docusign.com/t5/DocuSign-API-Integration-Java-READ-ONLY/ValidatorException-while-sending-document-to-Docusign-demo/m-p/6771/highlight/true。这里的答案指向另外两个链接，这基本上需要下载一个名为InstallCert.java的Java程序并运行它来获取一些证书信息，然后安装证书。它应该在本地安装证书，然后当您第二次运行该程序时，它应该会识别证书。

这对我没用！

如何使示例RequestSignatureDocument.java程序运行？

http-colon-//iodocs.docusign.com/APIWalkthrough/requestSignatureFromDocument中第65行周围的线如下所示：

// obtain baseUrl and accountId values from response body 
response = getResponseBody(conn);
baseURL = parseXMLBody(response, "baseUrl");

`

Answer 1

我不能肯定这是我问题的答案，因为我还没有收到DocuSign的任何反馈，但是经过整整两天的浏览文档、博客、StackOverflow等等，我认为我终于找到了一个可行的解决方案。我遵循了在How can I use certificate authentication with HttpsURLConnection?上发布的大部分步骤，并能够连接并发送一个文档供签名。

感觉棒极了！但是后来我尝试了上面文章顶部引用的原始java程序，现在它起了作用，就像上周一样(但不是本周的头几天)。因此，我在SSL上所做的工作，将证书导入到我的keystore等方面，都是没有意义的。

我想我太天真了，但我不得不假设上周DocuSign的某个人改变了一些东西，然后今天又改变了。

如果我在这个假设上错了，而且DocuSign的某个人可以帮我纠正问题，那就太好了。晚做总比不做强。但在事情发生变化之前，我的问题似乎已经“解决”了。