我正在开发一个项目,该项目目前使用jose4j来检查提供给API的JWT是否在Microsofts Azure AD中具有正确的组。 AD密钥通过以下HTTP调用获得:
Client client = ClientBuilder.newClient();
Response response = client.target(MICROSOFT_SERVICE_URL)
.request(MediaType.APPLICATION_JSON_TYPE)
.get();
然后,项目必须向外部SOAP API发出请求。这就是造成冲突的地方。我有以下代码设置证书所需的系统属性:
System.setProperty("com.sun.xml.ws.transport.http.client.HttpTransportPipe.dump", "true");
System.setProperty("com.sun.xml.internal.ws.transport.http.client.HttpTransportPipe.dump", "true");
System.setProperty("com.sun.xml.ws.transport.http.HttpAdapter.dump", "true");
System.setProperty("com.sun.xml.internal.ws.transport.http.HttpAdapter.dump", "true");
System.setProperty("javax.net.ssl.keyStoreType", "jks");
System.setProperty("javax.net.ssl.keyStorePassword", "changeit");
System.setProperty("javax.net.ssl.keyStore", "KeyStore.cert");
System.setProperty("javax.net.ssl.trustStore", "KeyStore.cert");
当我提出请求时,我收到以下错误:
javax.servlet.ServletException: javax.ws.rs.ProcessingException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
但是,当我注释掉keyStore和trustStore代码时,它会起作用。
库中是否有任何可能导致此冲突的内容?
任何建议都将受到赞赏。
亚历