【cas、tomcat】SunCertPathBuilderException: unable to find valid certification path to requested target

最新推荐文章于 2024-07-23 14:12:46 发布
最新推荐文章于 2024-07-23 14:12:46 发布
阅读量2.3k 收藏
点赞数
分类专栏: cas tomcat
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/michaeljy1991/article/details/50441597
版权

异常栈:

HTTP Status 500 - javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

type Exception report

message javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

description The server encountered an internal error that prevented it from fulfilling this request.

exception 

java.lang.RuntimeException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:407)
	org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:45)
	org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:200)
	org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:206)
	org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:161)
	org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:100)

root cause 

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
	sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1904)
	sun.security.ssl.Handshaker.fatalSE(Handshaker.java:279)
	sun.security.ssl.Handshaker.fatalSE(Handshaker.java:273)
	sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1446)
	sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:209)
	sun.security.ssl.Handshaker.processLoop(Handshaker.java:913)
	sun.security.ssl.Handshaker.process_record(Handshaker.java:849)
	sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1023)
	sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332)
	sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359)
	sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343)
	sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
	sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
	sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1301)
	sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)
	org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:393)
	org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:45)
	org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:200)
	org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:206)
	org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:161)
	org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:100)

root cause 

sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385)
	sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
	sun.security.validator.Validator.validate(Validator.java:260)
	sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326)
	sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231)
	sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126)
	sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1428)
	sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:209)
	sun.security.ssl.Handshaker.processLoop(Handshaker.java:913)
	sun.security.ssl.Handshaker.process_record(Handshaker.java:849)
	sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1023)
	sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332)
	sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359)
	sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343)
	sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
	sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
	sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1301)
	sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)
	org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:393)
	org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:45)
	org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:200)
	org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:206)
	org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:161)
	org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:100)

root cause 

sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196)
	java.security.cert.CertPathBuilder.build(CertPathBuilder.java:268)
	sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380)
	sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
	sun.security.validator.Validator.validate(Validator.java:260)
	sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326)
	sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231)
	sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126)
	sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1428)
	sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:209)
	sun.security.ssl.Handshaker.processLoop(Handshaker.java:913)
	sun.security.ssl.Handshaker.process_record(Handshaker.java:849)
	sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1023)
	sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332)
	sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359)
	sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343)
	sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
	sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
	sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1301)
	sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)
	org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:393)
	org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:45)
	org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:200)
	org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:206)
	org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:161)
	org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:100)

note The full stack trace of the root cause is available in the Apache Tomcat/7.0.65 logs.

Apache Tomcat/7.0.65

原因:

本地证书和server端证书不一致。

参考:http://stackoverflow.com/questions/7709540/how-to-solve-sun-security-provider-certpath-suncertpathbuilderexception

https://confluence.atlassian.com/display/KB/Unable+to+Connect+to+SSL+Services+due+to+PKIX+Path+Building+Failed

http://stackoverflow.com/questions/1828775/how-to-handle-invalid-ssl-certificates-with-apache-httpclient


解决:

将cas-server端证书,放到cas-client的jdk中。


Aldom
关注
专栏目录
HTTPS之PKIX SunCertPathBuilderException: unable to find valid certification path to requested target
GuanHao的博客
06-29 1万+
在配置测试环境的时候报告unable to find valid certification path to requested target错误。 Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPat...
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building f
qq_36666181的博客
03-11 1124
先看错误提示: 2019-03-11 11:40:34.922 ERROR 31168 --- [nio-8084-exec-2] c.m.o.jasig.cas.client.util.CommonUtils : sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provid...
CAS单点登录报错:unable to find valid certification path to requested target
大强博客
07-06 1488
错误信息: Whitelabel Error Page This application has no explicit mapping for /error, so you are seeing this as a fallback. Sat Jul 06 18:30:42 CST 2019 There was an unexpected error (type=Internal Ser...
Android Studio执行代码报错:Cause: unable to find valid certification path to requested target
最新发布
倒四合天的博客
07-23 2515
老项目基本上不会变动,所以这个每次校验,其实是无用的,想把这个校验关掉,但是不知道要怎么做,如果有知道怎么操作的大佬,希望告知一下。现在维护老安卓程序的程序员越来越少了,身边的很多人都转行了,唉,时代的洪流啊,不知道这篇文章是否会对其他人有用,如果帮到你们了,希望你们留个言,这样,我也能知道最起码老的程序还是有人在维护的,我们还有那么一丝丝的价值。将此地址库修改成国内的镜像地址后,可以继续访问了,Gradle就可以继续校验,程序就可以正常运行了。网上找了好多解决方法,但是都不好用。
Unable to find valid certification path to requested target
a704397849的博客
04-09 3170
原文 stackoverflow回答。
SunCertPathBuilderException: unable to find valid certification path
司马懿的西山居
10-11 8328
Project build error: Non-resolvable parent POM for com.example:test:0.0.1-SNAPSHOT: Failure to transfer org.springframework.boot:spring- boot-starter-parent:pom:2.1.9.RELEASE from https://repo.maven....
【引入TestNG报错】SunCertPathBuilderException: unable to find valid certification path to requested target
weixin_44232390的博客
05-28 1562
我安装的插件是7.4.0版本的,引入的TestNG的jar是6.14.3的,jar包 版本与插件不匹配,后边把jar改成7.4.0版本的就好了。
解决jdk证书问题 生成jssecacerts PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilde...
热门推荐
weixin_34161029的博客
12-19 1万+
2019独角兽企业重金招聘Python工程师标准>>> ...
CAS实现SSO单点登录案例(整合SpringSecurity)
qq_35249342的博客
01-15 4454
CAS介绍 CAS是一个单点登录框架,由耶鲁大学的一个组织开发。CAS是一个开源项目,代码目前是在github上管理。单点登录:Single Sign On,简称SSO,SSO使得在多个应用系统中,用户只需要登录一次就可以访问所有相互信任的应用系统。通俗理解为一个应用登录了,其他被授权的应用不用再登录。之前也写过一篇sso单点登录,用redis实现的,有兴趣可以翻翻 cas下载地址:https:/...
CAS单点登录快速入门
seancxmao的博客
05-06 2546
CAS SSO
https+shiro+cas+springmvc
TTWiFi的博客
06-07 4482
Shiro+cas实现单点登录及权限控制
异常记录:SunCertPathBuilderException: unable to find valid certification path to requested target...
weixin_34071713的博客
04-25 831
2019独角兽企业重金招聘Python工程师标准>>> ...
【编程问题】SunCertPathBuilderException: unable to find valid certification path to requested target
李晋江的博客
03-13 1259
SSL安全证书校验导致的异常问题解决 SunCertPathBuilderException: unable to find valid certification path to requested target
unable to find valid certification path to requested target
huangbaokang的博客
12-02 770
cas单点登录的时候遇unable to find valid certification path to requested target错误,错误如下: 是因为没有将证书导入到JDK证书库 keytool -import -trustcacerts -alias java1234 -file D:/cas/keystore/java1234.cer -keystore "C:/Program Files/Java/jdk1.8.0_131/jre/lib/security/cacerts" 导入了
CAS SSL证书错误处理
weixin_30800987的博客
02-02 301
  CAS-Tomcat配置好SSL后,访问报错 SunCertPathBuilderException: unable to find valid certification path to requested target   解决方案:   1、下载InstallCert.java:InstallCert.java   2、编译:javac InstallCert.ja...
爬虫时跳过证书
WS3220243774的博客
02-26 258
public class SSLHelper { public static String USER_AGENT = “Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 5.0)”; static public void init() { try { SSLContext context = SSLContext.getInstance(“TLSv1.2”); context.init(null, new X509TrustManager[]{new X509Tru
Jenkins下载插件的时候失败,报错:SunCertPathBuilderException: unable to find valid certification path to requeste
hzau_boy的博客
03-04 1372
下载插件的时候,出现如下报错: SunCertPathBuilderException: unable to find valid certification path to requeste 原因是证书相关问题。 我的是windows下的jenkins,linux的操作应该也差不多。 请按照下述步骤一步步操作: 1、Jenkins的更新站点改为: http://mirror.xmission.com/jenkins/updates/update-center.json 2、修改updates文件夹的de
certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
日日留心的技术专栏
07-01 1419
这个问题卡了我很久,最后经过九九八十一难终于解决,希望对你有所帮助。 出现这个问题的直接原因有两种可能,在不同的服务器上我都遇到了: 原因一:生成的证书有问题 解决办法:复制证书 复制已经生成本验证的有效的证书(cacerts、keystore.jks),到你的这个目录下($JAVA_HOME/jre/lib/security/)。 原因二:网络连接问题 我的问题很奇葩,ping baidu.com 可以,但是ping presto.ludp.lenovo.com不行。 解决办法:vi /etc/resol
GRADLE SunCertPathBuilderException: unable to find valid certification path to requested target
08-31
GRADLE SunCertPathBuilderException: unable to find valid certification path to requested target错误是由于无法找到有效的证书路径引起的。 这个错误通常发生在使用HTTPS连接时,因为Java无法验证服务器的证书...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值