我无法使用以下代码调用https URL:
try (CloseableHttpClient httpclient = HttpClients.custom().setDefaultRequestConfig(getRequestConfig())
.setSSLSocketFactory(SSLConnectionSocketFactory.getSystemSocketFactory())
.setDefaultCredentialsProvider(credsProvider).setRoutePlanner(getRoutePlanner()).build()) {
...
...
我正在:
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
我已经在我的jre的cacert中添加了证书并重新启动服务器,但是我的客户端已经说出了此消息,我该怎么检查?日志?看看客户是否使用我的cacert文件?
在ssl通信过程中,我最终看到了这一点:
Invalidated: [Session-17, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384]
http-nio-8080-exec-10, SEND TLSv1.2 ALERT: fatal, description = certificate_unknown
http-nio-8080-exec-10, WRITE: TLSv1.2 Alert, length = 2
在所有这些之前,我可以在日志中看到我的证书
谢谢