我在尝试在服务器端解码播放完整性令牌时遇到了这个异常:PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
代码如下:
DecodeIntegrityTokenRequest decodeRequest = new DecodeIntegrityTokenRequest();
decodeRequest.setIntegrityToken(integrityToken);
InputStream stream = Resources.getResource("credentials.json").openStream();
GoogleCredentials credentials = GoogleCredentials.fromStream(stream);
HttpRequestInitializer requestInitializer = new HttpCredentialsAdapter(credentials);
HttpTransport transport = new NetHttpTransport();
GoogleClientRequestInitializer initializer = new PlayIntegrityRequestInitializer();
// <my-project> is the project-id from service account credentials JSON file
PlayIntegrity.Builder playIntegrity = new PlayIntegrity.Builder(
transport, jsonFactory.getDefaultInstance(),
requestInitializer).setApplicationName("<my-project>").setGoogleClientRequestInitializer(initializer);
PlayIntegrity play = playIntegrity.build();
DecodeIntegrityTokenResponse response = play.v1().decodeIntegrityToken(appId, decodeRequest).execute();SO中的解决方案建议我需要将证书安装到本地密钥库中,但不确定证书来自哪个站点。我试过playintegrity.googleapis.com/v1/PACKAGE_NAME的那个,但没有帮助。
没有太多的帮助,我可以得到与SSL调试启用。
javax.net.ssl|DEBUG|2C|XNIO-1 task-4|2023-04-24 16:44:26.860 PDT|Utilities.java:73|the previous server name in SNI (type=host_name (0), value=playintegrity.googleapis.com) was replaced with (type=host_name (0), value=playintegrity.googleapis.com)
javax.net.ssl|DEBUG|2C|XNIO-1 task-4|2023-04-24 16:44:26.942 PDT|SSLCipher.java:1850|KeyLimit read side: algorithm = AES/GCM/NOPADDING:KEYUPDATE
countdown value = 137438953472
javax.net.ssl|DEBUG|2C|XNIO-1 task-4|2023-04-24 16:44:26.942 PDT|SSLCipher.java:2004|KeyLimit write side: algorithm = AES/GCM/NOPADDING:KEYUPDATE
countdown value = 137438953472
javax.net.ssl|ERROR|2C|XNIO-1 task-4|2023-04-24 16:44:26.965 PDT|TransportContext.java:312|Fatal (CERTIFICATE_UNKNOWN): PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target (
"throwable" : {
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target有办法解决吗?
1条答案
按热度按时间shyt4zoc1#
我最初更新了JRE的密钥库,然后意识到服务器正在使用它的密钥库文件。在更新了服务器自己的密钥库之后,我再也没有收到这个错误了。