Question

我正在关注https://www.mkyong.com/webservices/jax-rs/restfull-java-client-with-java-net-url/的mkyong教程但是我没有调用localhost，而是使用这个网站：https://httpbin.org/get

我能够使用HTTP，但不能使用HTTPS。当我尝试使用HTTPS运行它时，我收到此错误：

    javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException:
PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderExce
ption: unable to find valid certification path to requested target
        at sun.security.ssl.Alerts.getSSLException(Unknown Source)
        at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
        at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
        at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
        at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)
        at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
        at sun.security.ssl.Handshaker.processLoop(Unknown Source)
        at sun.security.ssl.Handshaker.process_record(Unknown Source)
        at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
        at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source
)
        at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
        at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
        at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
        at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect
(Unknown Source)
        at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(Unknown S
ource)
        at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown So
urce)
        at java.net.HttpURLConnection.getResponseCode(Unknown Source)
        at sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(Unk
nown Source)
        at com.my.app.HTTPSGetTest.main(HTTPSGetTest.java:22)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed:
 sun.security.provider.certpath.SunCertPathBuilderException: unable to find vali
d certification path to requested target
        at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
        at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
        at sun.security.validator.Validator.validate(Unknown Source)
        at sun.security.ssl.X509TrustManagerImpl.validate(Unknown Source)
        at sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source)
        at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Sour
ce)
        ... 15 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to
 find valid certification path to requested target
        at sun.security.provider.certpath.SunCertPathBuilder.build(Unknown Sourc
e)
        at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown
 Source)
        at java.security.cert.CertPathBuilder.build(Unknown Source)
        ... 21 more

以下是我正在使用的代码：

import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.net.MalformedURLException;
import java.net.URL;

import javax.net.ssl.HttpsURLConnection;

public class HTTPSGetTest {

  public static void main(String[] args) {

    try {

      URL url = new URL("https://httpbin.org/get");
      HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
      conn.setRequestMethod("GET");
      conn.setRequestProperty("Accept", "application/json");

      if (conn.getResponseCode() != 200) {
        throw new RuntimeException("Failed : HTTP error code : " + conn.getResponseCode());
      }

      BufferedReader br = new BufferedReader(new InputStreamReader((conn.getInputStream())));

      String output;
      System.out.println("Output from Server .... \n");
      while ((output = br.readLine()) != null) {
        System.out.println(output);
      }

      conn.disconnect();

    }
    catch (MalformedURLException e) {

      e.printStackTrace();

    }
    catch (IOException e) {

      e.printStackTrace();

    }

  }
}

我尝试运行InstallCert.java，如下所述：http://www.mkyong.com/webservices/jax-ws/suncertpathbuilderexception-unable-to-find-valid-certification-path-to-requested-target/，但是我收到以下错误：

Loading KeyStore C:\Program Files\Java\jre1.8.0_31\lib\security\cacerts...
Opening connection to localhost:3128...
Starting SSL handshake...
Exception in thread "main" java.net.SocketException: Connection reset
        at java.net.SocketInputStream.read(Unknown Source)
        at java.net.SocketInputStream.read(Unknown Source)
        at sun.security.ssl.InputRecord.readFully(Unknown Source)
        at sun.security.ssl.InputRecord.read(Unknown Source)
        at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
        at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source
)
        at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
        at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
        at InstallCert.main(InstallCert.java:105)

我在代理服务器后面，我正在使用cntlm来访问代理服务器之外的东西。我不知道这是问题还是其他问题，因为我能够毫无问题地使用HTTP来执行请求。

Answer 1

您可以按照此处提及的步骤www.grim.se/guide/jre-cert

进行操作

另外，请确认您是否已按照此处提及的步骤how-to-configure-tomcat-to-support-ssl-or-https

进行操作

简单的https get测试出错

1 个答案: