SSLHandshakeException - PKIX路径构建失败
SSLHandshakeException - PKIX路径构建失败
提问于 2016-05-15 03:19:57
我试图通过以下代码连接到服务器
TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkClientTrusted(X509Certificate[] certs,
String authType) {
}
public void checkServerTrusted(X509Certificate[] certs,
String authType) {
}
} };
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
// Create all-trusting host name verifier
HostnameVerifier allHostsValid = new HostnameVerifier() {
public boolean verify(String hostname, SSLSession session) {
return true;
}
};
// Install the all-trusting host verifier
HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid);
/*
* end of the fix
*/
// logger.info(input);
String responseString = "";
List<Object> providers = new ArrayList<Object>();
providers.add(new String());
WebClient client = WebClient
.create("https://1.2.3.4:8443/api/methodName");
WebClient.getConfig(client).getHttpConduit().getClient()
.setConnectionTimeout(5000);
System.out.println("input : " + requestString);
client.header("username", new Object[] { headerUsername });
client.header("password", new Object[] { headerPassword });
client.header("Authrorization", new Object[] { headerAuth });
Response response = client.accept(new String[] { "application/json" })
.type("application/json").post(requestString);
if (response.getStatus() != 200) {
throw new Exception("Failed : HTTP error code : "
+ response.getStatus());
}
responseString = IOUtils.toString((InputStream) response.getEntity(),
"UTF-8");
System.out.println("response : " + responseString);我得到了以下例外:
javax.ws.rs.client.ClientException: javax.ws.rs.client.ClientException: javax.net.ssl.SSLHandshakeException: SSLHandshakeException invoking https://1.2.3.4:8443/api/methodName: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at org.apache.cxf.jaxrs.client.WebClient.doResponse(WebClient.java:1108)
at org.apache.cxf.jaxrs.client.WebClient.doChainedInvocation(WebClient.java:1059)
at org.apache.cxf.jaxrs.client.WebClient.doInvoke(WebClient.java:865)
at org.apache.cxf.jaxrs.client.WebClient.doInvoke(WebClient.java:839)
at org.apache.cxf.jaxrs.client.WebClient.invoke(WebClient.java:299)
at org.apache.cxf.jaxrs.client.WebClient.post(WebClient.java:308)
at com.evampsaanga.phoenix.esb.client.RestClient.callThirdPartyService(RestClient.java:151)
at com.evampsaanga.phoenix.esb.modules.blacklisting.FileProcessor.callM3(FileProcessor.java:57)
at com.evampsaanga.phoenix.esb.modules.blacklisting.FileProcessor.processFile(FileProcessor.java:31)
at com.evampsaanga.phoenix.esb.modules.blacklisting.BlacklistingMain.doProcess(BlacklistingMain.java:29)
at com.evampsaanga.phoenix.esb.modules.ModuleRunner.doProcess(ModuleRunner.java:18)
at sun.reflect.GeneratedMethodAccessor41.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at org.apache.camel.component.bean.MethodInfo.invoke(MethodInfo.java:407)
at org.apache.camel.component.bean.MethodInfo$1.doProceed(MethodInfo.java:278)
at org.apache.camel.component.bean.MethodInfo$1.proceed(MethodInfo.java:251)
at org.apache.camel.component.bean.BeanProcessor.process(BeanProcessor.java:166)
at org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:72)
at org.apache.camel.processor.RedeliveryErrorHandler.process(RedeliveryErrorHandler.java:398)
at org.apache.camel.processor.CamelInternalProcessor.process(CamelInternalProcessor.java:191)
at org.apache.camel.processor.CamelInternalProcessor.process(CamelInternalProcessor.java:191)
at org.apache.camel.component.timer.TimerConsumer.sendTimerExchange(TimerConsumer.java:139)
at org.apache.camel.component.timer.TimerConsumer$1.run(TimerConsumer.java:64)
at java.util.TimerThread.mainLoop(Timer.java:555)
at java.util.TimerThread.run(Timer.java:505)
Caused by: javax.ws.rs.client.ClientException: javax.net.ssl.SSLHandshakeException: SSLHandshakeException invoking https://1.2.3.4:8443/api/methodName: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at org.apache.cxf.jaxrs.client.AbstractClient.checkClientException(AbstractClient.java:575)
at org.apache.cxf.jaxrs.client.AbstractClient.preProcessResult(AbstractClient.java:557)
at org.apache.cxf.jaxrs.client.WebClient.doResponse(WebClient.java:1103)
... 25 more
Caused by: javax.net.ssl.SSLHandshakeException: SSLHandshakeException invoking https://1.2.3.4:8443/api/methodName: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.reflect.GeneratedConstructorAccessor66.newInstance(Unknown Source)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:526)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.mapException(HTTPConduit.java:1339)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1323)
at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56)
at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:628)
at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)
at org.apache.cxf.jaxrs.client.AbstractClient.doRunInterceptorChain(AbstractClient.java:634)
at org.apache.cxf.jaxrs.client.WebClient.doChainedInvocation(WebClient.java:1058)
... 24 more
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1904)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:279)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:273)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1446)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:209)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:901)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:837)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1023)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1092)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250)
at org.apache.cxf.transport.http.URLConnectionHTTPConduit$URLConnectionWrappedOutputStream.setupWrappedStream(URLConnectionHTTPConduit.java:174)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleHeadersTrustCaching(HTTPConduit.java:1283)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.onFirstWrite(HTTPConduit.java:1239)
at org.apache.cxf.transport.http.URLConnectionHTTPConduit$URLConnectionWrappedOutputStream.onFirstWrite(URLConnectionHTTPConduit.java:201)
at org.apache.cxf.io.AbstractWrappedOutputStream.write(AbstractWrappedOutputStream.java:47)
at org.apache.cxf.io.AbstractThresholdOutputStream.write(AbstractThresholdOutputStream.java:69)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1296)
... 30 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
at sun.security.validator.Validator.validate(Validator.java:260)
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1428)
... 48 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:268)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380)
... 54 more我试图通过:在youtube上观看这段视频在JDK中安装其他服务器的证书
openssl s_client -connect 1.2.3.4:8443
然后复制证书并粘贴到名为client.pem的文件中。之后,我转到Java_home/bin并运行以下命令:
./keystore -keystore clientcert - importcert -alias演示-file /home/test/client.pem
输入keystore密码,并得到“将证书添加到keystore”的消息。
最后,当我试着跑到下面:
java -Djavax.net.ssl.trustStore=clientcert -Djavax.net.ssl.trustStorePassword=123456客户机
然后我收到这样的信息:
错误:找不到或加载主类客户端
你能告诉我我在这里做了什么吗?
回答 1
Stack Overflow用户
发布于 2016-05-15 03:33:07
您是否从java_home/bin运行命令"java -Djavax.net.ssl.trustStore=clientcert -Djavax.net.ssl.trustStorePassword=123456 Client“?
如果是这样的话,它就找不到您的“客户端”类。请从您的工作文件夹(客户端类)再次尝试该命令,或者在命令中将类路径分配给客户端。
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/37234200
复制相关文章
相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号