java sun.security.provider.certpath.SunCertPathBuilderException:无法找到请求目标的有效认证路径错误
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/38426695/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target error
提问by Ant s
Where I run the below code I get the error:
在我运行以下代码的地方,我收到错误消息:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
I have tried to add the Certificate to the CAcerts keystore for the JDK but with no change in the error. Is their anyway to figure out what keystore it is reading from? Or is this problem something else?
我尝试将证书添加到 JDK 的 CAcerts 密钥库中,但错误没有变化。他们无论如何要弄清楚它正在读取什么密钥库?或者这个问题是别的什么?
public static void main(String args[]) throws Exception {
SOAPConnectionFactory soapConnectionFactory = SOAPConnectionFactory.newInstance();
SOAPConnection soapConnection = soapConnectionFactory.createConnection();
String url = "https://www.mywebservice.com/ws";
SOAPMessage soapResponse = soapConnection.call(createSOAPRequest(),url);
// print SOAP Response
System.out.print("Response SOAP Message:");
soapResponse.writeTo(System.out);
soapConnection.close();
}
Thank you and I will happily provide any other details required.
谢谢,我很乐意提供所需的任何其他详细信息。
回答by pedrofb
You have to add the server certificate, or the root CA to the truststore used by JDK. By default is used jre/lib/security/cacerts.
您必须将服务器证书或根 CA 添加到 JDK 使用的信任库中。默认情况下使用jre/lib/security/cacerts。
If you already imported the server certificate, then verify that you are actually using the correct JDK, or the certificate is successfully imported. You can use a GUI tool like http://www.keystore-explorer.org/or use keytool
如果您已经导入了服务器证书,请验证您实际上使用的是正确的 JDK,或者证书已成功导入。您可以使用像http://www.keystore-explorer.org/这样的 GUI 工具或使用 keytool
You can also use your own trustore (recommended) using a JKS file which includes the server certificate. Configure the usage in this way
您还可以使用包含服务器证书的 JKS 文件来使用您自己的信任(推荐)。这样配置用法
System.setProperty ("javax.net.ssl.trustStore", path_to_your_trustore_jks_file);
System.setProperty ("javax.net.ssl.trustStorePassword", "password");
