背景
访问其他公司API获取数据,但是这家公司更换了SSL证书
- 具体报错信息
org.springframework.web.client.ResourceAccessException: I/O error on POST request for "https://...": sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.cert
path.SunCertPathBuilderException: unable to find valid certification path to requested target; nested exception is javax.net.ssl.
SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCe
rtPathBuilderException: unable to find valid certification path to requested target
- 解决办法
- 下载该网站的SSL证书
导出的时候选择 crt 文件 - 将下载的文件放入 Linux 服务器上某个目录上 比如:
/home/ca/baidu.com.crt
- 执行
keytool -import -keystore /usr/local/jdk.1.8/jre/lib/security/cacerts -file /home/ca/baidu.com.crt -alias baidu
/usr/local/jdk.1.8/jre/lib/security/cacerts
:/cacerts的前面需要替换成你的路径
-alias:这个是给这个证书取个别名