![4e587bf62f41bf9920d2274814b3418d.png](https://i-blog.csdnimg.cn/blog_migrate/4ca3b2cd2aedd6dde56c69b4b8b1869d.jpeg)
异常信息:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
原因:
此问题通常出现在:
在Java中你所调用的第三方服务使用的是 Let’s Encrypt 签发的证书,而你的jvm对Let’s Encrypt证书不信任造成的,其原因是因为你本地的JDK版本太低,Let’s Encrypt 证书没有在jvm的信任列表里造成的,具体可以查看这个帖子 https://stackoverflow.com/questions/34110426/does-java-support-lets-encrypt-certificates
解决办法:
办法1(推荐):
升级你本地的JDK(Java 7 >= 7u111 and Java 8 >= 8u101)
办法2:
通过代码层面忽略证书(不建议,可临时使用,避免安全风险)
办法3:
使用工具类将证书安装到本地jvm,具体如下:
创建 InstallCert.java 文件,内容如下:
import java.io.BufferedReader; import java.io.File; import java.io.FileInputStream; import java.io.FileOutputStream; import java.io.InputStream; import java.io.InputStreamReader; import java.io.OutputStream; import java.security.KeyStore; import java.security.MessageDigest; import java.security.cert.CertificateException; import java.security.cert.X509Certificate; import javax.net.ssl.SSLContext; import javax.net.ssl.SSLException; import javax.net.ssl.SSLSocket; import javax.net.ssl.SSLSocketFactory; import javax.net.ssl.TrustManager; import javax.net.ssl.TrustManagerFactory; import javax.net.ssl.X509TrustManager; public class InstallCert { public static void main(String[] args) throws Exception { String host; int port; char[] passphrase; if ((args.length == 1) || (args.length == 2)) { String[] c = args[0].split(":"); host = c[0]; port = (c.length == 1) ? 443 : Integer.parseInt(c[1]); String p = (args.length == 1) ? "changeit" : args[1]; passphrase = p.toCharArray(); } else { System.out.println("Usage: java InstallCert [:port] [passphrase]"); return