我們網站要進行 HTTPS 改造,配置上購買的 SSL 證書後,瀏覽器訪問正常,可是寫了個 Java 代碼用 httpcomponents 調用 HTTPS REST 接口時報錯:
Exception in thread "main" javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1904)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:279)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:273)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1446)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:209)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:901)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:837)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1023)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343)
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:394)
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:353)
at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:141)
at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:353)
at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:380)
at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)
at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:184)
at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:88)
at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:184)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:107)
at com.duiba.activity.cmsweb.controller.DappConfigCtrl.main(DappConfigCtrl.java:1248)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at com.intellij.rt.execution.application.AppMain.main(AppMain.java:147)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
at sun.security.validator.Validator.validate(Validator.java:260)
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1428)
... 25 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:268)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380)
... 31 more
網上查了一堆資料,要麼說要把網站證書放到某個目錄下,要麼要改代碼,都不是我想要的,因為不可能讓其他開發者去做這些事情。
後來瞭解到證書鏈這回事,才知道如何解決這個問題。有關證書鏈可以讀這裏:http://blog.sina.com.cn/s/blog_53ed87c10102vn8b.html
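此問題產生的原因是我們運維配置證書時只使用了簽發的證書,Java 客戶端無法找到可信任的上級證書,因此報錯。瀏覽器訪問正常,是因為瀏覽器通常會利用緩存或證書中的 AIA 信息自行補全缺失的中級證書,而 Java 默認只使用服務器在握手時發來的證書鏈和本地信任庫來構建路徑。解決方法也很簡單,把中級證書、根證書附加到簽發證書後面就可以了(順序為簽發證書在前、中級證書依次在後;根證書必須已在客戶端信任庫中才會被信任,因此通常可以省略)。配置完成後可以用 openssl s_client -connect <你的域名>:443 -showcerts 確認服務器實際返回了完整的證書鏈。具體方法參考這裏:https://yq.aliyun.com/articles/26569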