我的java应用程序一直很好,直到我再次尝试编译它并得到了这个错误:
build.xml:246: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1914)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:279)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:273)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1477)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:213)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:961)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:897)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1033)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1342)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1369)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1353)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:153)
at org.apache.tools.ant.taskdefs.Get$GetThread.openConnection(Get.java:690)
at org.apache.tools.ant.taskdefs.Get$GetThread.openConnection(Get.java:715)
at org.apache.tools.ant.taskdefs.Get$GetThread.get(Get.java:606)
at org.apache.tools.ant.taskdefs.Get$GetThread.run(Get.java:596)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
at sun.security.validator.Validator.validate(Validator.java:260)
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1459)
... 14 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:268)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380)
... 20 more
我正在重新编译它,因为我做了一个更改但是一旦我收到了这个错误,我就把这个改变了,但仍然得到了这个。
是否有人知道可能导致它的原因或我的服务器上可能突然发生的变化?
答案 0 :(得分:2)
当您致电Https api
时,请尝试以下解决方案进行旁路认证1)编写HttpsTrustManager.java类
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
public class HttpsTrustManager implements X509TrustManager {
private static TrustManager[] trustManagers;
private static final X509Certificate[] _AcceptedIssuers = new X509Certificate[]{};
@Override
public void checkClientTrusted(
java.security.cert.X509Certificate[] x509Certificates, String s)
throws java.security.cert.CertificateException {
}
@Override
public void checkServerTrusted(
java.security.cert.X509Certificate[] x509Certificates, String s)
throws java.security.cert.CertificateException {
}
public boolean isClientTrusted(X509Certificate[] chain) {
return true;
}
public boolean isServerTrusted(X509Certificate[] chain) {
return true;
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return _AcceptedIssuers;
}
public static void allowAllSSL() {
HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String arg0, SSLSession arg1) {
return true;
}
});
SSLContext context = null;
if (trustManagers == null) {
trustManagers = new TrustManager[]{new HttpsTrustManager()};
}
try {
context = SSLContext.getInstance("TLS");
context.init(null, trustManagers, new SecureRandom());
} catch (NoSuchAlgorithmException e) {
//e.printStackTrace();
} catch (KeyManagementException e) {
//e.printStackTrace();
}
HttpsURLConnection.setDefaultSSLSocketFactory(context
.getSocketFactory());
}
}
2)现在在调用api之前调用下面的函数bwlow
public static void getServerData(final Context cntx) {
myNotificationDb = new Notification_Db(cntx);
RequestQueue queue = Volley.newRequestQueue(cntx);
HttpsTrustManager.allowAllSSL();
JsonObjectRequest jsObjRequest = new JsonObjectRequest(
Request.Method.GET, "Url", null,
new Response.Listener<JSONObject>() {
@Override
public void onResponse(JSONObject response) {
// Your response
}
}, new Response.ErrorListener() {
@Override
public void onErrorResponse(VolleyError error) {
// TODO Auto-generated method stub
}
}) {
@Override
public Map<String, String> getHeaders() throws AuthFailureError {
// Your header parameter if you have otherwise this is optional
return headers;
}
};
queue.add(jsObjRequest);
}
答案 1 :(得分:0)
build.xml:246 :javax.net.ssl.SSLHandshakeException:sun.security.validator.ValidatorException:PKIX路径构建失败:sun.security.provider.certpath.SunCertPathBuilderException:无法找到请求目标的有效证书路径
这意味着在构建期间,代码连接到SSL服务器,但客户端不信任服务器的证书。这是我们从例外中获得的所有信息。
它没有说明理由。
通常服务器的证书(或它的CA)不在受信任的(不在配置的或默认的信任库中),或者服务器的主机名与证书不对应CN(我相信你会得到另一个例外,所以我会在信托商店下注)。