Java Tomcat SSL:无法找到所请求目标的有效认证路径
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/23021719/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Tomcat SSL: unable to find valid certification path to requested target
提问by Sergio Santiago
I'm trying to access an url in my application, but I'm getting this error.
我正在尝试访问我的应用程序中的 url,但出现此错误。
1771426 [http-bio-8180-exec-15] ERROR gadget.GadgetValidatorServlet - wsdl.exception.WSInvokerException: wsdl.exception.WSInvokerException: javax.xml.ws.soap.SOAPFaultException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
1771426 [http-bio-8180-exec-15] ERROR gadget.GadgetPortalValidatorServlet - gadget.exception.GadgetValidatorException: wsdl.exception.WSInvokerException: wsdl.exception.WSInvokerException: javax.xml.ws.soap.SOAPFaultException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
I've tried to apply all of those fixes but with no success: http://www.mkyong.com/webservices/jax-ws/suncertpathbuilderexception-unable-to-find-valid-certification-path-to-requested-target/
我尝试应用所有这些修复但没有成功:http: //www.mkyong.com/webservices/jax-ws/suncertpathbuilderexception-unable-to-find-valid-certification-path-to-requested-target /
Shortly it needs to run InstallCert app (java InstallCert my.domain.com) and generate the file jssecacerts. After that I've copied and paste this file into /opt/java/jdk1.7.0_45/jre/lib/security/jssecacerts
很快,它需要运行 InstallCert 应用程序(java InstallCert my.domain.com)并生成文件 jssecacerts。之后,我将此文件复制并粘贴到 /opt/java/jdk1.7.0_45/jre/lib/security/jssecacerts
I've also import my cert, the same used in my ssl url (httpd) into my keystore used by tomcat.
我还将我的证书(与我的 ssl url (httpd) 中使用的证书相同)导入到了 tomcat 使用的密钥库中。
Even after that I still getting this error.
即使在那之后我仍然收到这个错误。
Any thoughts?
有什么想法吗?
回答by Henry Keiter
I've been able to fix this problem in the past by setting the javax.net.ssl.trustStoresystem property at runtime to point to the jssecacertsfile. Just putting it in the "right" place never worked for me; I had to set the location explicitly. This is more portable anyway, so I recommend it in general if your app ever needs to move around.
过去,我已经能够通过javax.net.ssl.trustStore在运行时将系统属性设置为指向jssecacerts文件来解决这个问题。只是把它放在“正确”的地方对我来说从来没有用;我必须明确设置位置。无论如何,这更便于携带,因此如果您的应用程序需要四处移动,我通常建议您使用它。
System.setProperty("javax.net.ssl.trustStore", "/path/to/jssecacerts");
