PKIX path building failed证书下载

于 2023-06-21 16:35:13 发布
阅读量121 收藏
点赞数
文章标签: java
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/qq_38410147/article/details/131330502
版权 
import javax.net.ssl.*;
import java.io.*;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

public class InstallCert {

  public static void main(String[] args) throws Exception {
      String s = "www.baidu.com";
      args=new String[]{s};
    String host;
    int port;
    char[] passphrase;
    if ((args.length == 1) || (args.length == 2)) {
      String[] c = args[0].split(":");
      host = c[0];
      port = (c.length == 1) ? 443 : Integer.parseInt(c[1]);
      String p = (args.length == 1) ? "changeit" : args[1];
      passphrase = p.toCharArray();
    } else {
      System.out
          .println("Usage: java InstallCert <host>[:port] [passphrase]");
      return;
    }

    File file = new File("d://jssecacerts");
    if (file.isFile() == false) {
      char SEP = File.separatorChar;
      File dir = new File(System.getProperty("java.home") + SEP + "lib"
          + SEP + "security");
      file = new File(dir, "jssecacerts");
      if (file.isFile() == false) {
        file = new File(dir, "cacerts");
      }
    }
    System.out.println("Loading KeyStore " + file + "...");
    InputStream in = new FileInputStream(file);
    KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
    ks.load(in, passphrase);
    in.close();

    SSLContext context = SSLContext.getInstance("TLS");
    TrustManagerFactory tmf = TrustManagerFactory
        .getInstance(TrustManagerFactory.getDefaultAlgorithm());
    tmf.init(ks);
    X509TrustManager defaultTrustManager = (X509TrustManager) tmf
        .getTrustManagers()[0];
    SavingTrustManager tm = new SavingTrustManager(defaultTrustManager);
    context.init(null, new TrustManager[] { tm }, null);
    SSLSocketFactory factory = context.getSocketFactory();

    System.out
        .println("Opening connection to " + host + ":" + port + "...");
    SSLSocket socket = (SSLSocket) factory.createSocket(host, port);
    socket.setSoTimeout(10000);
    try {
      System.out.println("Starting SSL handshake...");
      socket.startHandshake();
      socket.close();
      System.out.println();
      System.out.println("No errors, certificate is already trusted");
    } catch (SSLException e) {
      System.out.println();
      e.printStackTrace(System.out);
    }

    X509Certificate[] chain = tm.chain;
    if (chain == null) {
      System.out.println("Could not obtain server certificate chain");
      return;
    }

    BufferedReader reader = new BufferedReader(new InputStreamReader(
        System.in));

    System.out.println();
    System.out.println("Server sent " + chain.length + " certificate(s):");
    System.out.println();
    MessageDigest sha1 = MessageDigest.getInstance("SHA1");
    MessageDigest md5 = MessageDigest.getInstance("MD5");
    for (int i = 0; i < chain.length; i++) {
      X509Certificate cert = chain[i];
      System.out.println(" " + (i + 1) + " Subject "
          + cert.getSubjectDN());
      System.out.println("   Issuer  " + cert.getIssuerDN());
      sha1.update(cert.getEncoded());
      System.out.println("   sha1    " + toHexString(sha1.digest()));
      md5.update(cert.getEncoded());
      System.out.println("   md5     " + toHexString(md5.digest()));
      System.out.println();
    }

    System.out
        .println("Enter certificate to add to trusted keystore or 'q' to quit: [1]");
    String line = reader.readLine().trim();
    int k;
    try {
      k = (line.length() == 0) ? 0 : Integer.parseInt(line) - 1;
    } catch (NumberFormatException e) {
      System.out.println("KeyStore not changed");
      return;
    }

    X509Certificate cert = chain[k];
    String alias = host + "-" + (k + 1);
    ks.setCertificateEntry(alias, cert);

    OutputStream out = new FileOutputStream("jssecacerts");
    ks.store(out, passphrase);
    out.close();

    System.out.println();
    System.out.println(cert);
    System.out.println();
    System.out
        .println("Added certificate to keystore 'jssecacerts' using alias '"
            + alias + "'");
  }

  private static final char[] HEXDIGITS = "0123456789abcdef".toCharArray();

  private static String toHexString(byte[] bytes) {
    StringBuilder sb = new StringBuilder(bytes.length * 3);
    for (int b : bytes) {
      b &= 0xff;
      sb.append(HEXDIGITS[b >> 4]);
      sb.append(HEXDIGITS[b & 15]);
      sb.append(' ');
    }
    return sb.toString();
  }

  private static class SavingTrustManager implements X509TrustManager {

    private final X509TrustManager tm;
    private X509Certificate[] chain;

    SavingTrustManager(X509TrustManager tm) {
      this.tm = tm;
    }

    public X509Certificate[] getAcceptedIssuers() {
      throw new UnsupportedOperationException();
    }

    public void checkClientTrusted(X509Certificate[] chain, String authType)
        throws CertificateException {
      throw new UnsupportedOperationException();
    }

    public void checkServerTrusted(X509Certificate[] chain, String authType)
        throws CertificateException {
      this.chain = chain;
      tm.checkServerTrusted(chain, authType);
    }
  }

}
其实啥也不是
关注
  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
jssecacerts
05-18
Java\jar 1.8.0_141\lib\ext\里面缺少了一个安全凭证jssecacerts证书文件,通过运行下面类可以生成证书,将生成的证书放在Java\jar 1.8.0_141\lib\ext\这个目录下,重启编译器就可以解决。
彻底解决unable to find valid certification path to requested target
热门推荐
程高伟
08-09 16万+
unable to find valid certification path to requested target 解决方案
下载https 公匙证书java代码
hupoling的专栏
03-24 9万+
/*   * Copyright 2006 Sun Microsystems, Inc.  All Rights Reserved.   *   * Redistribution and use in source and binary forms, with or without   * modification, are permitted provided that the foll
PKIX报错 信任接口ssl证书发送post请求 附带缓存工具类
jnloverll的博客
06-16 976
java https证书信任
下载安全证书到jdk中的cacerts证书
你的眼睛啊ii的博客
12-06 1606
JDK中添加安全证书
解决PKIX:unable to find valid certification path to requested target 的问题(数字证书问题)
gouzhengju1454的博客
08-08 565
解决PKIX:unable to find valid certification path to requested target 的问题 根据错误消息看,貌似是找不到数字证书。可奇怪的是数字证书我已经导入了啊,为何还出现这样的情况了。可能的原因: 一、公钥是否正确?是否是网站出来的公钥? 如果访问百度、阿里云、腾讯云等互联网巨头的网站你会发现,他们的网站URL已经清一色变成HTTPS,不再是HTTP了。 使用HTTPS的原因很简单,已经HTTPS是加密传输的,而HTTP是明文传输的,
解决SSL证书PKIX问题
weixin_34221073的博客
05-18 915
2019独角兽企业重金招聘Python工程师标准>>> ...
解决PKIX path building failed的问题
03-17
NULL 博文链接:https://mengyang.iteye.com/blog/575671
SSL.7z,解决PKIX path building failed 的问题
03-10
PKIX path building failed 的问题。解决本地环境中报错 PKIX path building failed 的问题。 其中有产生证书的代码,将运行产生的证书放在文档中指定位置即可
解决PKIX path building failed的问题的AbstractCasProtocolUrlBasedTicketValidator类
04-28
CAS默认走https,需要安装证书,但是自定义的证书貌似得不到信任,报PKIX path building failed。则可以修改源码来屏蔽错误。
InstallCert:生成jssecacerts文件的脚本
05-20
安装证书 生成jssecacerts文件的脚本。 此仓库是来自的分支 汇编: javac InstallCert.java 执行: java Installcert secure.example.com:443 此命令生成名为jssecacerts的文件,将此文件复制到/ usr / java / default / jre / lib / security /
java在IE中下载证书并安装(根证书
10-20
java下载并自动安装根证书,直接导入工程使用,xp测试过,win7没测试过
Java 生成证书工具类 https
04-10
java生成https安全证书,解决httpClient访问https出错 编译:javac InstallCert.java 运行:java InstallCert 要访问的网址 结果:Enter certificate to add to trusted keystore or 'q' to quit: [1] 输入1确认生成jssecacerts文件,将证书copy到$JAVA_HOME/jre/lib/security目录下
PKIX path building failed
12-07
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
jdk更换ssl证书jssecacerts
1853
08-13 3451
jdk更换ssl证书jssecacerts 背景 项目通过统一身份认证入口进出,项目为http协议,但cas端为https。 但突然登录报错,不知原因?报错内容如下: 集成cas报错javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderExceptio
java中添加https证书,解决PKIX错误
殷长庆的博客
03-30 1346
在linux中部署了一个java项目,期间用到了https调用其他项目的接口,这个https证书是自己生成的测试证书,不会被java自带的安全证书库识别,调用时会报错: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path
解决jdk证书问题 生成jssecacerts PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilde...
weixin_34161029的博客
12-19 1万+
2019独角兽企业重金招聘Python工程师标准>>> ...
Java 信任所有SSL证书(解决PKIX path building failed问题)
navy专栏
11-02 978
package com.yc.xunlei.ui; import java.security.cert.CertificateException; import java.security.cert.X509Certificate; import javax.net.ssl.HostnameVerifier; import javax.net.ssl.HttpsURLConnection; import javax.net.ssl.SSLContext; import javax.net..
JAVA SSL HTTPS 连接详解 生成证书
此生尽兴
12-15 1万+
一、 HTTPS概念1. 简介HTTPS(全称:Hypertext Transfer Protocol over Secure Socket Layer),是以安全为目标的HTTP通道,简单讲是HTTP的安全版。
httpClient报错 PKIX path building failed
最新发布
08-16
根据引用的信息,错误信息中提到了sun.security.validator.ValidatorException: PKIX path building failed,这意味着在验证服务器的证书时出现了问题。引用提供了解决方案,即将目标网站的证书导入到jdk中。 为了...

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值