解决unable to find valid certification path to requested target

码农小麦

已于 2023-08-24 21:33:25 修改

阅读量1.1k

点赞数 1

文章标签： https httpclient java

于 2023-07-26 11:30:54 首次发布

本文链接：https://blog.csdn.net/weixin_43275277/article/details/131930882

版权

Java程序使用http组件发起https请求报错
在这里插入图片描述

Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
	at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949)
	at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
	at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)
	at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1514)
	at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216)
	at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1026)
	at sun.security.ssl.Handshaker.process_record(Handshaker.java:961)
	at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062)
	at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
	at jodd.http.net.SocketHttpConnectionProvider.createHttpConnection(SocketHttpConnectionProvider.java:43)
	at jodd.http.HttpRequest.open(HttpRequest.java:550)
	... 3 more

在这里插入图片描述

这里使用joddhttp简单复现下：

<dependency>
            <groupId>org.jodd</groupId>
            <artifactId>jodd-http</artifactId>
            <version>5.0.13</version>
        </dependency>

public static void main(String[] args) {
        HttpResponse response = HttpRequest.post("https://xxxx.com/test/star/notice").send();
        System.out.println(response.bodyText());
    }

解决方案：
1.jdk导入对方证书
2.针对路径信任所有证书

导入证书：

# 导入
keytool -import -v -trustcacerts -alias star_cert -file d://star.com.cn.crt -storepass changeit -keystore %JAVA_HOME%/jre/lib/security/cacerts
# 查看
keytool -list -v -storepass changeit -keystore %JAVA_HOME%/jre/lib/security/cacerts -alias star_cert
# 删除
keytool -delete -alias star_cert -storepass changeit -keystore %JAVA_HOME%/jre/lib/security/cacerts

信任证书：

public static void main(String[] args) {
        HttpResponse response = HttpRequest.post("https://xxxx.com/test/star/notice").trustAllCerts(true).send();
        System.out.println(response.bodyText());
}

码农小麦

关注

1
点赞
踩
3

收藏

觉得还不错? 一键收藏
打赏
0
评论
解决unable to find valid certification path to requested target

本文解决客户端http工具发起https请求时，由于客户端无法校验服务端证书，导致的连接目标地址失败问题。文中采用joddhttp组件发起https请求。
复制链接

扫一扫