此问题在此处已有答案:
Resolving javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed Error?(32个答案)
5个月前关闭。
我正在Tomcat 7.x中通过TLS连接(https)进行Web服务调用
调用Web服务时,我收到以下错误。问题是什么?我已尝试创建证书和CA。
仅供参考-https://sites.google.com/site/ddmwsst/create-your-own-certificate-and-ca
我导入了CA证书和其他证书,但我仍然得到这个问题。请咨询。
Caused by: javax.wsdl.WSDLException: WSDLException: faultCode=PARSER_ERROR: Problem parsing 'https://localhost:8443/myDomain/MyService?wsdl'.: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.ibm.wsdl.xml.WSDLReaderImpl.getDocument(Unknown Source)
at com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(Unknown Source)
at com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(Unknown Source)
at org.apache.cxf.wsdl11.WSDLManagerImpl.loadDefinition(WSDLManagerImpl.java:262)
at org.apache.cxf.wsdl11.WSDLManagerImpl.getDefinition(WSDLManagerImpl.java:205)
at org.apache.cxf.wsdl11.WSDLServiceFactory.<init>(WSDLServiceFactory.java:92)
... 37 more
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1902)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1341)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:153)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:804)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1032)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1328)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1355)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:515)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1299)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)
at com.sun.org.apache.xerces.internal.impl.XMLEntityManager.setupCurrentEntity(XMLEntityManager.java:632)
at com.sun.org.apache.xerces.internal.impl.XMLVersionDetector.determineDocVersion(XMLVersionDetector.java:189)
at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:799)
at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:764)
at com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:123)
at com.sun.org.apache.xerces.internal.parsers.DOMParser.parse(DOMParser.java:237)
at com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderImpl.parse(DocumentBuilderImpl.java:300)
... 43 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
at sun.security.validator.Validator.validate(Validator.java:260)
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1323)
... 61 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:268)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380)
我正在通过本地创建来测试证书。因此,我执行了以下步骤。
密钥〉keytool -genkey -别名TLS -密钥库TLSKeyStore.jks -密钥算法RSA -使用RSA签名SHA1密钥〉keytool -导出-别名TLS -文件TLS.cer -密钥库TLSKeyStore.jks密钥〉keytool -certreq -别名TLS -密钥库TLSKeyStore.jks -文件TLS.csr
CA〉设置RANDFILE=随机数
如果您想访问OpenSSL,请点击这里。如果您想访问OpenSSL,请点击这里。
CA〉openssl x509 -签名密钥TLSkey.pem -请求-天数3650 -输入TLSreq.pem -输出TLSroot.cer -扩展v3_ca
如果您有任何问题,请联系我们。如果您有任何问题,请联系我们。
密钥〉密钥工具-导入-别名TLSCA -文件../CA/TLSrot.cer -密钥库TLSKeyStore.jks密钥〉密钥工具-导入-别名TLS -文件TLSTestCA.cer -密钥库TLSKeyStore.jks
3条答案
按热度按时间rm5edbpk1#
最后我找到了解决这个问题的方法。
在InstallCert.java此链接中引用此www.example.com。通过将参数传递为localhost:9443,将此程序作为独立程序运行,程序将在eclipse下创建jssecacerts文件。将此jssecacerts文件复制到JDK_HOME\jre\lib\security\文件夹中。这样应该可以解决问题
TLS设置愉快!!!
dgjrabp22#
以下是如何导入证书以修复以下错误的全面摘要:
尝试执行请求时出错。javax .NET.ssl.SSLHandshakeException:sun.security.validator.ValidatorException:PKIX路径构建失败:安全性提供者证书路径生成器异常:找不到所请求目标的有效证书路径
如何导入证书
.der
***使用以下命令将所有 *.der文件导入cacerts文件:
我猜你可能错过了一个步骤。我也遇到了同样的错误,直到我意识到我导入了错误的证书
tkclm6bt3#
请确保在下载ssl证书时禁用了防病毒软件。禁用防病毒软件后,请下载ssl证书。