Java 信任所有SSL证书(解决PKIX path building failed问题)

最新推荐文章于 2024-05-22 15:19:52 发布
最新推荐文章于 2024-05-22 15:19:52 发布
阅读量2.3k 收藏
点赞数
分类专栏: Java 文章标签: java
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/lamdu/article/details/84732544
版权
Java在请求某些不受信任的https网站时会报:PKIX path building failed 
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
	at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1884)
	at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276)
	at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270)
	at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1341)
	at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:153)
	at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868)
	at sun.security.ssl.Handshaker.process_record(Handshaker.java:804)
	at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016)
	at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312)
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339)
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323)
	at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)
	at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
	at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1300)
	at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)
	at SslTest.getRequest(SslTest.java:16)
	at SslTest.main(SslTest.java:40)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385)
	at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:230)
	at sun.security.validator.Validator.validate(Validator.java:260)
	at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326)
	at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231)
	at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126)
	at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1323)
	... 13 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196)
	at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:268)
	at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380)
	... 19 more


解决办法:

1、导入证书到本地证书库

2、信任所有SSL证书

最好的解决办法或许是信任所有SSL证书,因为某些时候不能每次都手动的导入证书非常麻烦。现在封装了个方法,在连接openConnection的时候忽略掉证书就行了。 

SslUtils.ignoreSsl();


import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
public class SslUtils {
	private static void trustAllHttpsCertificates() throws Exception {
		TrustManager[] trustAllCerts = new TrustManager[1];
		TrustManager tm = new miTM();
		trustAllCerts[0] = tm;
		SSLContext sc = SSLContext.getInstance("SSL");
		sc.init(null, trustAllCerts, null);
		HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
	}
	static class miTM implements TrustManager,X509TrustManager {
		public X509Certificate[] getAcceptedIssuers() {
			return null;
		}
		public boolean isServerTrusted(X509Certificate[] certs) {
			return true;
		}
		public boolean isClientTrusted(X509Certificate[] certs) {
			return true;
		}
		public void checkServerTrusted(X509Certificate[] certs, String authType)
				throws CertificateException {
			return;
		}
		public void checkClientTrusted(X509Certificate[] certs, String authType)
				throws CertificateException {
			return;
		}
	}
	/**
	 * 忽略HTTPS请求的SSL证书,必须在openConnection之前调用
	 * @throws Exception
	 */
	public static void ignoreSsl() throws Exception{
		HostnameVerifier hv = new HostnameVerifier() {
			public boolean verify(String urlHostName, SSLSession session) {
				System.out.println("Warning: URL Host: " + urlHostName + " vs. " + session.getPeerHost());
				return true;
			}
		};
		trustAllHttpsCertificates();
		HttpsURLConnection.setDefaultHostnameVerifier(hv);
	}
}



URL u = new URL(url);
		if("https".equalsIgnoreCase(u.getProtocol())){
			SslUtils.ignoreSsl();
		}
		URLConnection conn = u.openConnection();
		conn.setConnectTimeout(timeOut);
		conn.setReadTimeout(timeOut);
		return IOUtils.toString(conn.getInputStream());
lamdu
关注
  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
java 解决sun.security.validator.ValidatorException: PKIX path building failed证书 问题
asfsdf23的博客
08-19 835
java 解决sun.security.validator.ValidatorException: PKIX path building failed证书 问题 public class SslUtils { private static void trustAllHttpsCertificates() throws Exception { TrustManager[] trustAllCerts = new TrustManager[1]; TrustManager tm = new m
java https信任所有证书
u012427018的博客
07-14 1万+
首先感谢http://www.infoq.com/cn/articles/keeping-your-secrets这篇文章解决了我的问题(即不能使用System.setProperty("https.protocols","TLSv1"); ) 以下是两个https信任所有证书的实例:package com.colotnet.util; import java.io.InputStre
Java】 深入理解Java中的证书验证错误:“PKIX path building failed”和“unable to find valid certification path to requ
baidu_23445983的博客
05-22 294
Java中,当我们尝试与一个使用SSL/TLS协议的服务器进行安全通信时,Java虚拟机(JVM)会使用PKIX(Public Key Infrastructure X.509)来验证服务器的证书链。PKIX是一种基于公钥基础设施(PKI)的证书验证框架,它确保了通信的安全性和数据的完整性。证书链验证的目的是确保服务器证书是由一个可信的证书颁发机构(CA)签发的,并且证书链中的每个证书都有效。这个过程涉及到多个步骤,包括证书的有效期检查、证书撤销列表(CRL)的检查、证书路径构建等。
Java信任所有SSL证书,HTTPS请求抛错,忽略证书请求
qq_52071730的博客
02-05 2368
Java 信任所有SSL证书,HTTPS请求抛错,忽略证书请求
Java 解决PKIX path building failed问题(信任所有证书)
qq_36138652的博客
11-08 6001
解决PKIX path building failed
PKIX path validation failed: java.security.cert.CertPathValidatorException: timestamp check failed
跟着BOSS有肉吃
10-23 4146
异常原因:SSL证书过期。
解决PKIX path building failed问题
03-17
标题中的“解决PKIX path building failed问题”是一个关于网络安全和证书验证的常见错误,通常出现在Java应用程序中。当一个程序尝试通过HTTPS连接到一个服务器时,如果Java信任存储(Truststore)不包含服务器...
SSL.7z,解决PKIX path building failed问题
03-10
PKIX path building failed问题解决本地环境中报错 PKIX path building failed问题。 其中有产生证书的代码,将运行产生的证书放在文档中指定位置即可
PKIX path building failed解决java获取https的时遇到的证书问题
最新发布
07-02
java在获取https的网页时,有时候会出现如下异常:javax...PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException:  unable to find valid certification path to requested target
InstallCert.java工具及使用方法.zip
07-29
HTTP Status 500 - javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find ...
关于IDEA2020.1新建项目maven PKIX 报错问题解决方法
08-19
这个错误的主要原因是ValidatorException:PKIX path building failed : sun.security.provider.certpath.SunCertPathBuilderException : unable to find valid certification path to requested target。...
验证证书unable to find valid certification path to requested target
05-07
当在Java中使用URL.openConnection().connect()方法进行HTTPS请求时,如果遇到PKIX path building failed异常,通常意味着Java运行环境在验证服务器证书链时遇到了问题。具体错误信息sun.security.provider....
gradle-trust-all:一个用于禁用 SSL 证书验证的 gradle 插件
06-02
PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target 处理这种情况的常用 Java 方法是下载站点证书,将其导入...
Trusted Path Debugger:用于 PKIX 路径构建的 Java 调试器失败错误-开源
07-12
Java 中,在进行 HTTPS 连接时,人们通常会遇到以下异常堆栈跟踪: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath...
PKIX_maven_archetype.rar
03-13
3. 本地的Java信任存储中没有服务器的证书。 4. Maven的`settings.xml`或`settings-security.xml`配置有误。 为了解决这个问题,你可以尝试以下步骤: 1. 检查服务器的SSL配置,确保其拥有完整的证书链。 2. 更新...
java 发送https 请求 证书
11-21
Java的TrustStore包含了系统信任的根证书,如果服务器的证书不在这个TrustStore中,Java会抛出“ sun.security.validator.ValidatorException: PKIX path building failed”这样的异常。以下是一些步骤来处理这个...
java 信任所有ssl证书_【笔记】Java 信任所有SSL证书(解决PKIX path building failed问题)...
weixin_36217058的博客
02-16 974
java报错javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certif...
Java信任SSL证书(三行代码解决PKIX path building failed问题
热门推荐
爱吃袜子的二哈
01-22 1万+
使用Apache HttpClient包,发送http请求,解决PKIX path building failed信任SSL证书问题: import org.apache.commons.lang.StringUtils; import org.apache.http.HttpEntity; import org.apache.http.NameValuePair; import org.apa...
java 信任所有ssl证书_Java 信任所有SSL证书(解决PKIX path building failed问题)
weixin_35353904的博客
02-16 1306
Java 信任所有SSL证书(解决PKIX path building failed问题)发布于 2014/04/29PHP & JavaJava在请求某些不受信任的https网站时会报:PKIX path building failedjavax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorExcepti...
java如何解决PKIX path building failed
03-29
PKIX path building failedJava中的一个常见错误,它通常表示在建立PKIX路径时出现了问题PKIX(Public Key Infrastructure X.509)是一种用于验证和建立数字证书链的标准协议。 要解决PKIX path building ...

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值