无法找到到请求的目标PKIX路径构建的有效证书路径失败:sun.security.provider.certpath.SunCertPathBuilderException
[英]unable to find valid certification path to requested target PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException
问题描述
I have create a custom keystore file xyz.jsk, When I tried to using this file I am getting exception 
我创建了一个自定义密钥库文件xyz.jsk,当我尝试使用此文件时,出现异常
org.springframework.web.client.ResourceAccessException: I/O error on POST request for : sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target;
String keyStorePassword = "NEWPASSWORD";
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
ClassLoader classLoader = getClass().getClassLoader();
// File file = new
File(classLoader.getResource(keyStoreFile).getFile());
File file = new File(dir, "xyz.jks");;
keyStore.load(new FileInputStream(file),
keyStorePassword.toCharArray());
SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(
new SSLContextBuilder()
.loadTrustMaterial(null, new TrustSelfSignedStrategy())
.loadKeyMaterial(keyStore, keyStorePassword.toCharArray())
.build(),
NoopHostnameVerifier.INSTANCE);
HttpClient httpClient = HttpClients.custom().setSSLSocketFactory(socketFactory).build();
HttpComponentsClientHttpRequestFactory httpRequestFactory = new HttpComponentsClientHttpRequestFactory(httpClient);
restTemplate.setRequestFactory(httpRequestFactory);
((HttpComponentsClientHttpRequestFactory) restTemplate.getRequestFactory())
.setConnectTimeout(Integer.parseInt(strTimeOut));
ResponseEntity<String> responseEntity = restTemplate.exchange(urlPath, HttpMethod.POST, entity, clazz);
1 个解决方案
解决方案1
1 2019-02-13 11:52:40
Programmatic solution for certificate solution 证书解决方案的程序化解决方案
Please look into following imports :- 请研究以下进口:-
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import javax.ws.rs.client.Client;
import javax.ws.rs.client.ClientBuilder;
Now the function 现在的功能
ClientConfig clientConfig = getClientConfig();
TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
public X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkClientTrusted(X509Certificate[] certs, String authType) {
}
public void checkServerTrusted(X509Certificate[] certs, String authType) {
}
} };
SSLContext sc = null;
try {
sc = SSLContext.getInstance("TLS");
sc.init(null, trustAllCerts, new SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
} catch (Exception e) {
// do nothing
}
Client client = ClientBuilder.newBuilder().withConfig(clientConfig).sslContext(sc).hostnameVerifier((s1, s2) -> true)
.build();
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.