异常记录(一)

最新推荐文章于 2022-03-16 22:41:23 发布
最新推荐文章于 2022-03-16 22:41:23 发布
阅读量139 收藏
点赞数
分类专栏: bug记录 异常记录
原文链接:http://blog.csdn.net/faye0412/article/details/6883879
版权
一.

异常信息:
PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
原因:
创建ssl 时缺少安全证书
解决办法:
将要访问的的网站的安全证书 导入服务器
具体做法:
以下是获取安全证书的一种方法,通过以下程序获取安全证书:

/* 
 * Copyright 2006 Sun Microsystems, Inc.  All Rights Reserved. 
 * 
 * Redistribution and use in source and binary forms, with or without 
 * modification, are permitted provided that the following conditions 
 * are met: 
 * 
 *   - Redistributions of source code must retain the above copyright 
 *     notice, this list of conditions and the following disclaimer. 
 * 
 *   - Redistributions in binary form must reproduce the above copyright 
 *     notice, this list of conditions and the following disclaimer in the 
 *     documentation and/or other materials provided with the distribution. 
 * 
 *   - Neither the name of Sun Microsystems nor the names of its 
 *     contributors may be used to endorse or promote products derived 
 *     from this software without specific prior written permission. 
 * 
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS 
 * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, 
 * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT OWNER OR 
 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, 
 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 
 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 
 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 
 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 
 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 
 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
 */  
  
import java.io.BufferedReader;  
import java.io.File;  
import java.io.FileInputStream;  
import java.io.FileOutputStream;  
import java.io.InputStream;  
import java.io.InputStreamReader;  
import java.io.OutputStream;  
import java.security.KeyStore;  
import java.security.MessageDigest;  
import java.security.cert.CertificateException;  
import java.security.cert.X509Certificate;  
  
import javax.net.ssl.SSLContext;  
import javax.net.ssl.SSLException;  
import javax.net.ssl.SSLSocket;  
import javax.net.ssl.SSLSocketFactory;  
import javax.net.ssl.TrustManager;  
import javax.net.ssl.TrustManagerFactory;  
import javax.net.ssl.X509TrustManager;  
  
public class InstallCert {  
  
    public static void main(String[] args) throws Exception {  
        String host;  
        int port;  
        char[] passphrase;  
        if ((args.length == 1) || (args.length == 2)) {  
            String[] c = args[0].split(":");  
            host = c[0];  
            port = (c.length == 1) ? 443 : Integer.parseInt(c[1]);  
            String p = (args.length == 1) ? "changeit" : args[1];  
            passphrase = p.toCharArray();  
        } else {  
            System.out  
                    .println("Usage: java InstallCert <host>[:port] [passphrase]");  
            return;  
        }  
  
        File file = new File("jssecacerts");  
        if (file.isFile() == false) {  
            char SEP = File.separatorChar;  
            File dir = new File(System.getProperty("java.home") + SEP + "lib"  
                    + SEP + "security");  
            file = new File(dir, "jssecacerts");  
            if (file.isFile() == false) {  
                file = new File(dir, "cacerts");  
            }  
        }  
        System.out.println("Loading KeyStore " + file + "...");  
        InputStream in = new FileInputStream(file);  
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());  
        ks.load(in, passphrase);  
        in.close();  
  
        SSLContext context = SSLContext.getInstance("TLS");  
        TrustManagerFactory tmf = TrustManagerFactory  
                .getInstance(TrustManagerFactory.getDefaultAlgorithm());  
        tmf.init(ks);  
        X509TrustManager defaultTrustManager = (X509TrustManager) tmf  
                .getTrustManagers()[0];  
        SavingTrustManager tm = new SavingTrustManager(defaultTrustManager);  
        context.init(null, new TrustManager[] { tm }, null);  
        SSLSocketFactory factory = context.getSocketFactory();  
  
        System.out  
                .println("Opening connection to " + host + ":" + port + "...");  
        SSLSocket socket = (SSLSocket) factory.createSocket(host, port);  
        socket.setSoTimeout(10000);  
        try {  
            System.out.println("Starting SSL handshake...");  
            socket.startHandshake();  
            socket.close();  
            System.out.println();  
            System.out.println("No errors, certificate is already trusted");  
        } catch (SSLException e) {  
            System.out.println();  
            e.printStackTrace(System.out);  
        }  
  
        X509Certificate[] chain = tm.chain;  
        if (chain == null) {  
            System.out.println("Could not obtain server certificate chain");  
            return;  
        }  
  
        BufferedReader reader = new BufferedReader(new InputStreamReader(  
                System.in));  
  
        System.out.println();  
        System.out.println("Server sent " + chain.length + " certificate(s):");  
        System.out.println();  
        MessageDigest sha1 = MessageDigest.getInstance("SHA1");  
        MessageDigest md5 = MessageDigest.getInstance("MD5");  
        for (int i = 0; i < chain.length; i++) {  
            X509Certificate cert = chain[i];  
            System.out.println(" " + (i + 1) + " Subject "  
                    + cert.getSubjectDN());  
            System.out.println("   Issuer  " + cert.getIssuerDN());  
            sha1.update(cert.getEncoded());  
            System.out.println("   sha1    " + toHexString(sha1.digest()));  
            md5.update(cert.getEncoded());  
            System.out.println("   md5     " + toHexString(md5.digest()));  
            System.out.println();  
        }  
  
        System.out  
                .println("Enter certificate to add to trusted keystore or 'q' to quit: [1]");  
        String line = reader.readLine().trim();  
        int k;  
        try {  
            k = (line.length() == 0) ? 0 : Integer.parseInt(line) - 1;  
        } catch (NumberFormatException e) {  
            System.out.println("KeyStore not changed");  
            return;  
        }  
  
        X509Certificate cert = chain[k];  
        String alias = host + "-" + (k + 1);  
        ks.setCertificateEntry(alias, cert);  
  
        OutputStream out = new FileOutputStream("jssecacerts");  
        ks.store(out, passphrase);  
        out.close();  
  
        System.out.println();  
        System.out.println(cert);  
        System.out.println();  
        System.out  
                .println("Added certificate to keystore 'jssecacerts' using alias '"  
                        + alias + "'");  
    }  
  
    private static final char[] HEXDIGITS = "0123456789abcdef".toCharArray();  
  
    private static String toHexString(byte[] bytes) {  
        StringBuilder sb = new StringBuilder(bytes.length * 3);  
        for (int b : bytes) {  
            b &= 0xff;  
            sb.append(HEXDIGITS[b >> 4]);  
            sb.append(HEXDIGITS[b & 15]);  
            sb.append(' ');  
        }  
        return sb.toString();  
    }  
  
    private static class SavingTrustManager implements X509TrustManager {  
  
        private final X509TrustManager tm;  
        private X509Certificate[] chain;  
  
        SavingTrustManager(X509TrustManager tm) {  
            this.tm = tm;  
        }  
  
        public X509Certificate[] getAcceptedIssuers() {  
            throw new UnsupportedOperationException();  
        }  
  
        public void checkClientTrusted(X509Certificate[] chain, String authType)  
                throws CertificateException {  
            throw new UnsupportedOperationException();  
        }  
  
        public void checkServerTrusted(X509Certificate[] chain, String authType)  
                throws CertificateException {  
            this.chain = chain;  
            tm.checkServerTrusted(chain, authType);  
        }  
    }  
  
}

编译InstallCert.java,然后执行:java InstallCert hostname,比如:
java InstallCert api.yingwill.com
会看到如下信息:

Loading KeyStore jssecacerts...
Opening connection to api.yingwill.com:443...
Starting SSL handshake...

javax.net.ssl.SSLException: java.lang.UnsupportedOperationException
        at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
        at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1904)
        at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1862)
        at sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1845)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1366)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343)
        at InstallCert.main(InstallCert.java:102)
Caused by: java.lang.UnsupportedOperationException
        at InstallCert$SavingTrustManager.getAcceptedIssuers(InstallCert.java:187)
        at sun.security.ssl.AbstractTrustManagerWrapper.checkAlgorithmConstraints(SSLContextImpl.java:998)
        at sun.security.ssl.AbstractTrustManagerWrapper.checkAdditionalTrust(SSLContextImpl.java:944)
        at sun.security.ssl.AbstractTrustManagerWrapper.checkServerTrusted(SSLContextImpl.java:886)
        at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1428)
        at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:209)
        at sun.security.ssl.Handshaker.processLoop(Handshaker.java:913)
        at sun.security.ssl.Handshaker.process_record(Handshaker.java:849)
        at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1023)
        at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359)
        ... 2 more

Server sent 2 certificate(s):

 1 Subject CN=api.yingwill.com
   Issuer  CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US
   sha1    f4 eb 51 92 55 ab 4d 35 38 df 1c c1 81 0d 93 97 10 7b fe fe
   md5     a8 f4 1e a5 c7 90 a1 1e 3a b8 72 62 9f e7 7f da

 2 Subject CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US
   Issuer  CN=DST Root CA X3, O=Digital Signature Trust Co.
   sha1    e6 a3 b4 5b 06 2d 50 9b 33 82 28 2d 19 6e fe 97 d5 95 6c cb
   md5     b1 54 09 27 4f 54 ad 8f 02 3d 3b 85 a5 ec ec 5d

Enter certificate to add to trusted keystore or 'q' to quit: [1]

输入1,回车,然后会在当前的目录下产生一个名为“ssecacerts”的证书。
将证书拷贝到$JAVA_HOME/jre/lib/security目录下
注意:因为是静态加载,所以要重新启动你的Web Server,证书才能生效。

linbh2018
关注
  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
驱动程序无法通过使用安全套接字层(SSL)加密与 SQL Server 建立安全连接 错误解决办法
lw744355998的专栏
03-14 2万+
用java连接sqlserver2005时总是出现下面这个错误 Jan 24, 2008 12:05:34 PM com.microsoft.sqlserver.jdbc.TDSChannel enableSSL 信息: java.security path: C:\Java\jre6\lib\security Security providers: [SUN version 1.6, Su
Digital Path(记忆化搜索)
心升明月的博客
09-08 616
Digital Path前言题意数据范围思路代码 前言 这道题是2019ICPC南京的一道铜牌题,是一道很明显的记忆化搜索题目。但是这道题的一些优化技巧很值得我们去学习。 题意 给定一个n∗mn∗mn∗m的数字矩阵,从任意一个位置开始走,每次只能上下左右走一格,而且下一个位置必须比当前位置的数字大1,能继续往后走就不能停止,求总共有多少条长度大于等于4的路径。 数据范围 1≤n,m≤10001 \leq n,m \leq 10001≤n,m≤1000 −109≤ai,j≤109-10^9 \leq a_{i
Digital Path——拓扑图dp、记忆化搜索
Mr_dimple的博客
03-16 1001
Digital Path 题意: 给定 n*m 的矩阵,每个格子上有一个数值,问满足下列条件的路径条数 (mod 1e9+7): 路径中的相邻两个格子有公共边; 路径不可能被扩展(尽可能长); 路径上至少包含四个格子; 从一个格子只能向比其值大 1 的格子移动。 分析: 看到题目就觉得是搜索题,然后用 dfs 写了一下,超时。那么就要考虑记忆化搜索。 常规的思路是,将一个点往后能够走的路径个数存下来。当走到这个位置,如果发现没有存储,就 dfs 走一遍,回溯之后这个点就有存储了;如果有存储,那就直接用。
配置Tomcat使用https协议(配置SSL协议)
热门推荐
jimmy609的专栏
01-20 12万+
转载地址:http://ln-ydc.iteye.com/blog/1330674 内容概览: 如果希望 Tomcat 支持 Https,主要的工作是配置 SSL 协议   1.生成安全证书   2.配置tomcat ----------------------------------------------------------------------
收货异常记录
12-21
这个文档,"收货异常记录表",是一个专门针对超市管理设计的实用模板,适用于超市管理人员进行日常操作和问题排查。 收货异常记录表的主要目的是记录每一批次商品到达时可能遇到的问题,如数量不符、质量问题、包装...
亲测有效-WPF异常捕捉及解决程序异常闪退与本地异常记录功能代码
最新发布
10-25
本文将深入探讨如何在WPF应用中实现有效的异常捕捉,防止程序异常闪退,并添加本地异常记录功能。 一、全局异常处理 1. 主窗口构造函数:在WPF应用程序的主窗口构造函数中,可以设置一个事件处理器来捕获未处理的...
异常处理及日志记录
08-01
- **全局异常处理**: 通过创建一个全局异常过滤器,可以确保所有未被捕获的异常都能得到妥善处理。这可以通过实现`IExceptionFilter`接口或继承`ExceptionFilterAttribute`类来实现。过滤器会在每个控制器或操作...
LoggingExceptions:设计一个自定义记录器,用于记录某些格式的异常
05-03
"LoggingExceptions:设计一个自定义记录器,用于记录某些格式的异常"这个主题聚焦于创建一个定制的日志记录器,该记录器专门用于记录特定格式的异常信息。这个自定义记录器可以方便地集成到任何Java项目中,无论项目...
网络稳定性检测工具 自动记录异常日志
10-20
网络稳定性检测工具 可有效检测网络稳定状态 对网络问题排查提供直观的一手数据 是一款非常实用的好工具 ...检测中途出现异常被关闭也可以自动保留历史记录 无需人员值守也可以自行完成稳定性检测工作
2019 ICPC 南京 Digital Path
青烟绕指柔的博客
12-03 610
题目链接:Digital Path 路径数量,我们可以想到每次暴力bfs往附近转移。 但是肯定TLE,然后这道题会有路径覆盖的问题,有些路径会被覆盖掉,所以所有有效的路径肯定是从入度为0的点开始。 然后也有许多路径会有交集,所以每次暴力从入度为0的点开始bfs是不行的,然后其实我们可以想到,这个和拓扑排序十分像,于是我们用拓扑排序来状态转移,当这个点入度为0时才加入队列,就保证了每个点入队一次,...
C.Digital Path
spnooyseed的博客
12-02 238
2019 ICPC Nanjing 复现 #include <bits/stdc++.h> #pragma GCC optimize(3 , "Ofast" , "inline") using namespace std; typedef long long ll ; const int INF = 0x3f3f3f3f , N = 1010 ; void read(int &...
java.security不能修改_关于ssl:引起:java.security.UnrecoverableKeyException:无法恢复密钥...
weixin_42117224的博客
03-07 1882
我得到一个名为abcc_client.store的jks密钥库。当我将这个密钥库导入cacerts并尝试连接时,它说没有这种算法错误。pfa堆栈跟踪Caused by: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, c...
2019ICPC南京-C-Digital Path(BFS+dp记录
QAQ
12-02 567
题目链接 题意 给了一个路径的定义,每次严格+1的走,能走的必须要走。求这样的路径长度大于4的有多少个。 思路 BFS搜索,但有个问题是如果两条路,有很大一部分是重复的,应该只走一遍。 用入度出度,in,out记录,如果入度为0,则是起点,如果出度为0,则是终点。所有的起点入队,BFS。每次到达一个点,先让该点的入度减一,如果变为0,则入队。这样如果一个点有多个入度,就会只走一次。 用...
解决 sun.security.provider.certpath.SunCertPathBuilderException
追求自由的码砖人
02-25 4万+
在java调用https 时经常出现:unable to find valid certification path to requested target  ,就是安全java自带的安全证书不受信任,有两种方式可以解决,一种是在代码里面实现:详情请参考:http://mengyang.iteye.com/blog/575671 ,另外就是可以使用手动导入安全证书的方式解决问题。  步骤如下:
WPF全局异常捕获与日志记录实践
该资源提供了一种在WPF...通过这种方式,我们可以创建一个全面的异常处理系统,不仅能够处理UI线程上的异常,还能处理后台线程的异常,同时提供详细的日志记录,这对于开发、测试和维护WPF应用程序来说是非常有价值的。
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值