找不到受信任的证书
[英]Could not find trusted certificate
问题描述
Problem: 
问题:
I'm getting a thrown error from javax.net.ssl.SSLHandshakeException (see attached picture) 我从javax.net.ssl.SSLHandshakeException引发了抛出错误(请参见附图)
Is it possible for Java to have a corrupt or missing CA cert? Java是否可能具有损坏或丢失的CA证书? If so how can I repair or resolve this issue/error? 如果是这样,我该如何修复或解决此问题/错误?
Things I've Tried: 我尝试过的事情:
- I have removed all versions of JRE from the PC and installed the latest version of JRE (1.6.14). 我从PC上删除了所有版本的JRE,并安装了最新版本的JRE(1.6.14)。
- Cleaned and removed all unnecessary Trusted Cert's from the User section of Certificates. 从证书的“用户”部分清除并删除了所有不必要的受信任证书。
- Try running keytool to get the fingerprints of the CA's 尝试运行keytool以获取CA的指纹
When trying to run the keytool I'm getting the following: 尝试运行keytool时,出现以下情况:
keytool error: java.security.cert.CertificateParsingException: java.io.IOException: subject key, java.security.spec.InvalidKeySpecException: Unknown key spec. keytool错误:java.security.cert.CertificateParsingException:java.io.IOException:主题密钥,java.security.spec.InvalidKeySpecException:未知密钥规范。
1 个解决方案
解决方案1
1 已采纳 2009-07-30 02:01:53
It is theoretically possible, but IMO highly unlikely, that Java has a corrupt CA cert. 从理论上讲,Java的CA证书损坏是可能的,但IMO不太可能。 It is more likely that the CA cert you want is not in the JRE's cacerts store. 您所需的CA证书更有可能不在JRE的cacerts存储中。 You can check on the contents of the store (on Linux at least) using 'keytool'; 您可以使用“ keytool”检查商店的内容(至少在Linux上); eg 例如
keytool -list -keystore /usr/java/jdk1.6.0_14/jre/lib/security/cacerts
Scan through that listing to see if you can see the fingerprint for the CAcert that your URL requires. 浏览该列表以查看是否可以看到URL所需的CAcert指纹。
Reference: the JDK 6.0 JDK Development Tools / Security Tools page/section. 参考: JDK 6.0 JDK开发工具/安全工具页面/部分。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.