Java SSLSocket:PKIX路径构建失败
[英]Java SSLSocket: PKIX path building failed
问题描述
I want to connect to our university server using a SSL connection. 
我想使用SSL连接连接到我们的大学服务器。
I have in a configuration folder the following files: 我在配置文件夹中有以下文件:
- client.policy -client.policy
- uni_keystore.jks -uni_keystore.jks
- uni_server.cer -uni_server.cer
- uni_truststore.jks -uni_truststore.jks
client.policy file contains the following: client.policy文件包含以下内容:
grant {
permission java.security.AllPermission ;
};
The connection to the server is established, but when i try to read from server i get the exception: 与服务器的连接已建立,但是当我尝试从服务器读取时,出现异常:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException:
PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException:
unable to find valid certification path to requested target
This is how i connect to the server (i trimmed the try/catch blocks to shorten the code): 这是我连接到服务器的方式(我修剪了try / catch块以缩短代码):
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
SSLSocketFactory factory = (SSLSocketFactory)SSLSocketFactory.getDefault();
String configPath = "C:/eclipse/workspace/uniproject/";
Properties systemProps = System.getProperties();
systemProps.put( "javax.net.ssl.trustStore", configPath+"uni_truststore.jks");
systemProps.put( "javax.net.ssl.keyStore", configPath+"uni_keystore.jks");
System.setProperties(systemProps);
s = (SSLSocket) factory.createSocket(UNI_ADDRESS, UNI_PORT);
I'm connecting to the server over my VPN. 我正在通过我的VPN连接到服务器。
And this is how i try to read (i trimmed the try/catch blocks to shorten the code): 这就是我尝试读取的方式(我修剪了try / catch块以缩短代码):
InputStream istream = s.getInputStream();
BufferedReader reader = new BufferedReader( new InputStreamReader(istream) );
String data;
do {
// this lines throws exception
data = reader.readLine();
System.out.println(data);
}
while(data != null);
I'm not doing anything about client.policy and uni_server.cer files in the code. 我没有对代码中的client.policy和uni_server.cer文件做任何事情。 Could this be the problem? 这可能是问题吗? what am i missing? 我想念什么?
Thanks. 谢谢。
2 more things: 还有2件事:
- i installed the certification (before this post, i hadn't had) -我安装了认证(在发布此信息之前,我还没有)
- i added the line: -我添加了一行:
systemProps.put( "javax.net.ssl.keyStorePassword", "pass");
1 个解决方案
解决方案1
3 已采纳 2012-11-22 02:22:14
Try re-sequencing your calls like this: 尝试像这样对电话重新排序:
String configPath = "C:/eclipse/workspace/uniproject/";
Properties systemProps = System.getProperties();
systemProps.put( "javax.net.ssl.trustStore", configPath+"uni_truststore.jks");
systemProps.put( "javax.net.ssl.keyStore", configPath+"uni_keystore.jks");
System.setProperties(systemProps);
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
SSLSocketFactory factory = (SSLSocketFactory)SSLSocketFactory.getDefault();
s = (SSLSocket) factory.createSocket(UNI_ADDRESS, UNI_PORT);
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.