[英]PKIX path building failed in Eclipse
i'm working with Liferay and i'm using eclipse, and running a client/server model, using an encrypted socket (SSL).我正在使用 Liferay,我正在使用 eclipse,并使用加密套接字 (SSL) 运行客户端/服务器 model。
Currently, my application is running the client/server connection ok when I run the application in batch mode but when i try to start the server in Eclipse the application is giving me error目前,当我以批处理模式运行应用程序时,我的应用程序运行客户端/服务器连接正常,但是当我尝试在 Eclipse 中启动服务器时,应用程序出现错误
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
I already use the InstallCert.java and copy the jssecacerts into我已经使用了 InstallCert.java 并将 jssecacerts 复制到
%JAVA_HOME%/jdk_version/jre/lib/security %JAVA_HOME%/jdk_version/jre/lib/security
but is still giving me errors.但仍然给我错误。 I've also checked the certificate (keytool -v -list) and installed manually in the root CAs trusted.我还检查了证书 (keytool -v -list) 并手动安装在受信任的根 CA 中。 What can be the problem?可能是什么问题? Thanks!谢谢!
Please refer this answer for your reference. 请参考这个答案供您参考。
No need of passing any VM arguments after you successfully installed certificate of the site which is giving you PKIX error! 成功安装给您PKIX错误的站点证书后,无需传递任何VM参数!
But key is to find JRE which is giving you this error! 但关键是要找到给你这个错误的JRE! So make sure about 2 things: 所以要确保两件事:
cacerts
file of JRE which Eclipse is using 您将证书安装到Eclipse正在使用的JRE的cacerts
文件中 在eclipse中运行时,尝试在VM参数中传递certifacate路径
-Djavax.net.ssl.trustStore="PATH_TO_jssecacerts"
tried and tested method.久经考验的方法。 if you face this certificate issue with eclipse plugin installation do below steps:如果您在安装 eclipse 插件时遇到此证书问题,请执行以下步骤:
note the url of the plugin site you are facing issue.请注意您遇到问题的插件站点的 url。
hit that url in browser.在浏览器中点击该网址。
go to lock symbol on left side and click to view certificate转到左侧的锁定符号并单击以查看证书
go to details and do file export in Base 64.转到详细信息并在 Base 64 中进行文件导出。
better to save cert in eclipse directory.最好将证书保存在 eclipse 目录中。
open cmd with administrator用管理员打开cmd
go to jdk directory you are using to run eclipse and find keytool转到您用于运行 eclipse 并找到 keytool 的 jdk 目录
run below command keytool -keystore ..\lib\security\cacerts -import -alias example2 -file <path_to_expotrted cert in step 4>
use password - changeit运行以下命令keytool -keystore ..\lib\security\cacerts -import -alias example2 -file <path_to_expotrted cert in step 4>
使用密码 - changeit
go to eclipse.ini and add below commands -Djavax.net.ssl.trustStore=C:\Program Files\Java\jdk-11\lib\security\cacerts转到 eclipse.ini 并添加以下命令 -Djavax.net.ssl.trustStore=C:\Program Files\Java\jdk-11\lib\security\cacerts
make sure to restart eclipse after every plugin site certificate added to keystore.确保在将每个插件站点证书添加到密钥库后重新启动 Eclipse。
SOLVED: Certificate issue with eclipse plugin installation Follow these steps:已解决:eclipse 插件安装的证书问题按照以下步骤操作:
Understand eclipse uses JRE certs to connect.了解 eclipse 使用 JRE 证书进行连接。 So you need to add your plugin(website) certificates to JRE/lib/security/cacerts所以你需要将你的插件(网站)证书添加到 JRE/lib/security/cacerts
Save it as .cer file将其保存为 .cer 文件
This is all, your certificates are added in JRE and in eclipse you have said to use these certs.这就是全部,您的证书已添加到 JRE 中,并且在 eclipse 中您说过要使用这些证书。
I have solved this issue in my eclipse after struggling for almost a day.经过近一天的努力,我在我的 eclipse 中解决了这个问题。 Please find solution here https://stackoverflow.com/a/73034945/7611709请在这里找到解决方案https://stackoverflow.com/a/73034945/7611709
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.