[英]PKIX path building failed error persists on Oracle JDK
EDIT : The first version of this question gave the impression that my problem had something to do with Maven.编辑:这个问题的第一个版本给人的印象是我的问题与 Maven 有关。 I rephrased to put more focus on the JDK.
我改写为更加关注 JDK。
I get the sun.security.provider.certpath.SunCertPathBuilderException: PKIX path building failed
when trying to contact any SSL-enabled service using Java.尝试使用 Java 联系任何启用 SSL 的服务时,我收到
sun.security.provider.certpath.SunCertPathBuilderException: PKIX path building failed
。 Answers to other relevant questions did not stop the error for me.对其他相关问题的回答并没有阻止我犯错。
The error appears both with any Maven task, such as below...任何 Maven 任务都会出现该错误,如下所示...
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-clean-plugin:2.5:clean (default-clean) on project foundation-ddl: Execution default-clean of goal org.apache.maven.plugins:maven-clean-plugin:2.5:clean failed: Plugin org.apache.maven.plugins:maven-clean-plugin:2.5 or one of its dependencies could not be resolved: Failed to collect dependencies at org.apache.maven.plugins:maven-clean-plugin:jar:2.5 -> org.apache.maven:maven-plugin-api:jar:2.0.6: Failed to read artifact descriptor for org.apache.maven:maven-plugin-api:jar:2.0.6: Could not transfer artifact org.apache.maven:maven-plugin-api:pom:2.0.6 from/to example (https://example.com/artifactory/repo/): sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target -> [Help 1]
...Or if I execute a jar that contacts a SSL service ...或者如果我执行一个与 SSL 服务联系的 jar
$ java -jar atlassian-bamboo-agent-installer-5.9.7.jar http://...
INFO | jvm 1 | 2016/03/09 10:59:21 | 2016-03-09 10:59:21,381 FATAL [WrapperSimpleAppMain] [AgentBootstrap] Exiting due to fatal exception.
INFO | jvm 1 | 2016/03/09 10:59:21 | javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
INFO | jvm 1 | 2016/03/09 10:59:21 | at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
INFO | jvm 1 | 2016/03/09 10:59:21 | at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949)
INFO | jvm 1 | 2016/03/09 10:59:21 | at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
INFO | jvm 1 | 2016/03/09 10:59:21 | at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)
INFO | jvm 1 | 2016/03/09 10:59:21 | at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1509)
INFO | jvm 1 | 2016/03/09 10:59:21 | at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216)
INFO | jvm 1 | 2016/03/09 10:59:21 | at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979)
INFO | jvm 1 | 2016/03/09 10:59:21 | at sun.security.ssl.Handshaker.process_record(Handshaker.java:914)
INFO | jvm 1 | 2016/03/09 10:59:21 | at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062)
INFO | jvm 1 | 2016/03/09 10:59:21 | at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
INFO | jvm 1 | 2016/03/09 10:59:21 | at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
INFO | jvm 1 | 2016/03/09 10:59:21 | at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
INFO | jvm 1 | 2016/03/09 10:59:21 | at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:535)
INFO | jvm 1 | 2016/03/09 10:59:21 | at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:403)
INFO | jvm 1 | 2016/03/09 10:59:21 | at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:177)
INFO | jvm 1 | 2016/03/09 10:59:21 | at org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:304)
INFO | jvm 1 | 2016/03/09 10:59:21 | at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:611)
INFO | jvm 1 | 2016/03/09 10:59:21 | at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:446)
INFO | jvm 1 | 2016/03/09 10:59:21 | at org.apache.http.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:863)
INFO | jvm 1 | 2016/03/09 10:59:21 | at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
INFO | jvm 1 | 2016/03/09 10:59:21 | at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:106)
INFO | jvm 1 | 2016/03/09 10:59:21 | at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:57)
INFO | jvm 1 | 2016/03/09 10:59:21 | at com.atlassian.bamboo.agent.bootstrap.AgentContext.initFingerprint(AgentContext.java:118)
INFO | jvm 1 | 2016/03/09 10:59:21 | at com.atlassian.bamboo.agent.bootstrap.AgentContext.initServerSession(AgentContext.java:103)
INFO | jvm 1 | 2016/03/09 10:59:21 | at com.atlassian.bamboo.agent.bootstrap.AgentContext.run(AgentContext.java:94)
INFO | jvm 1 | 2016/03/09 10:59:21 | at com.atlassian.bamboo.agent.bootstrap.AgentBootstrap.run(AgentBootstrap.java:95)
INFO | jvm 1 | 2016/03/09 10:59:21 | at com.atlassian.bamboo.agent.bootstrap.AgentBootstrap.main(AgentBootstrap.java:41)
INFO | jvm 1 | 2016/03/09 10:59:21 | at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
INFO | jvm 1 | 2016/03/09 10:59:21 | at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
INFO | jvm 1 | 2016/03/09 10:59:21 | at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
INFO | jvm 1 | 2016/03/09 10:59:21 | at java.lang.reflect.Method.invoke(Method.java:498)
INFO | jvm 1 | 2016/03/09 10:59:21 | at org.tanukisoftware.wrapper.WrapperSimpleApp.run(WrapperSimpleApp.java:240)
INFO | jvm 1 | 2016/03/09 10:59:21 | at java.lang.Thread.run(Thread.java:745)
INFO | jvm 1 | 2016/03/09 10:59:21 | Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
No errors, certificate is already trusted
, but that didn't stop the error.No errors, certificate is already trusted
,但这并没有阻止错误。 The well-known ways to fix this issue don't seem to work.解决此问题的众所周知的方法似乎不起作用。 How can I stop the error, fix my JDK and finally use SSL-enabled services again?
如何停止错误、修复我的 JDK 并最终再次使用启用 SSL 的服务?
After futile investigation I ended up purging and reinstalling the JDK, which resolved the issue.经过徒劳的调查,我最终清除并重新安装了 JDK,从而解决了问题。 The version of the JDK did not change.
JDK 的版本没有改变。 For those of you reaching this page for this issue via Google, just do that and save yourself the dread.
对于那些通过谷歌访问此问题的页面的人,只需这样做,就可以避免恐惧。
You should check JDK version you are using and install the Intermediate certificates as well as CAs (if it is self signed or internal signed ) into the JDK which maven is using.您应该检查您正在使用的 JDK 版本并将中间证书以及 CA(如果它是自签名或内部签名)安装到 maven 正在使用的 JDK 中。 I think that resolve the problem.
我认为这可以解决问题。
removing ~/.m2/repository should not be the reason.删除 ~/.m2/repository 不应该是原因。 make sure the has not changed the Certificate Recently.
确保最近没有更改证书。
You could even use the following maven options to locate your trust store and keystore.您甚至可以使用以下 Maven 选项来定位您的信任库和密钥库。
MAVEN_OPTS="-Xmx512m -Djavax.net.ssl.trustStore=trust.jks \
-Djavax.net.ssl.trustStorePassword= \
-Djavax.net.ssl.keyStore=/home/directory/mycertificate.p12 \
-Djavax.net.ssl.keyStoreType=pkcs12 \
-Djavax.net.ssl.keyStorePassword=XXXXXX"
Please refer to below URL it's good guide for Maven SSL configuration请参考以下 URL,这是 Maven SSL 配置的好指南
https://maven.apache.org/guides/mini/guide-repository-ssl.html https://maven.apache.org/guides/mini/guide-repository-ssl.html
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.