我关注了这个博客: http://evanthika.blogspot.com/2014/01/how-to-solve-pkix-path-building-failed.html 我正试图称呼它为: curl -k http://localhost:8080/menu -H“授权:承载265b7375-5411-3a56-8d00-00b34d6313f1” 从这个例子: https://medium.com/@balaajanthan/oauth2-login-for-spring-boot-application-with-wso2-identity-server-da0a88893987
我遵循了步骤,但是仍然出现此错误: org.springframework.web.client.ResourceAccessException:POST请求“ https://localhost:9443/oauth2/introspect”上的I / O错误:sun.security.validator.ValidatorException:PKIX路径构建失败:sun.security.provider.certpath.SunCertPathBuilderException:无法寻找通往所要求目标的有效认证途径;嵌套异常为javax.net.ssl.SSLHandshakeException:sun.security.validator.ValidatorException:PKIX路径构建失败:sun.security.provider.certpath.SunCertPathBuilderException:无法找到到请求目标的有效证书路径 在org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:743)〜[spring-web-5.0.4.RELEASE.jar:5.0.4.RELEASE] 在org.springframework.web.client.RestTemplate.execute(RestTemplate.java:686)〜[spring-web-5.0.4.RELEASE.jar:5.0.4.RELEASE] 在org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:602)〜[spring-web-5.0.4.RELEASE.jar:5.0.4.RELEASE] 在org.springframework.security.oauth2.provider.token.RemoteTokenServices.postForMap(RemoteTokenServices.java:147)〜[spring-security-oauth2-2.2.1.RELEASE.jar:na] 在org.springframework.security.oauth2.provider.token.RemoteTokenServices.loadAuthentication(RemoteTokenServices.java:106)〜[spring-security-oauth2-2.2.1.RELEASE.jar:na] 在org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationManager.authenticate(OAuth2AuthenticationManager.java:83)〜[spring-security-oauth2-2.2.1.RELEASE.jar:na] 在org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationProcessingFilter.doFilter(OAuth2AuthenticationProcessingFilter.java:150)〜[spring-security-oauth2-2.2.1.RELEASE.jar:na] 在org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:334)〜[spring-security-web-5.0.3.RELEASE.jar:5.0.3.RELEASE] 在org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:116)〜[spring-security-web-5.0.3.RELEASE.jar:5.0.3.RELEASE] 在org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:334)〜[spring-security-web-5.0.3.RELEASE.jar:5.0.3.RELEASE] 在org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:101)〜[spring-web-5.0.4.RELEASE.jar:5.0.4.RELEASE] 在org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:334)〜[spring-security-web-5.0.3.RELEASE.jar:5.0.3.RELEASE] 在org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)〜[spring-security-web-5.0.3.RELEASE.jar:5.0.3.RELEASE] 在org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:334)〜[spring-security-web-5.0.3.RELEASE.jar:5.0.3.RELEASE] 在org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:101)〜[spring-web-5.0.4.RELEASE.jar:5.0.4.RELEASE] 在org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:334)〜[spring-security-web-5.0.3.RELEASE.jar:5.0.3.RELEASE] 在org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215)〜[spring-security-web-5.0.3.RELEASE.jar:5.0.3.RELEASE] 在org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178)〜[spring-security-web-5.0.3.RELEASE.jar:5.0.3.RELEASE] 在org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:357)〜[spring-web-5.0.4.RELEASE.jar:5.0.4.RELEASE]
答案 0 :(得分:0)
由于spring客户端正在进行HTTPS调用,因此它应该具有服务器的公共证书(即“ https://localhost:9443/oauth2/introspect”),以便在服务器返回其证书时可以验证证书。
因此,您必须导入WSO2服务器的公共证书,并将其导入到Spring Boot应用程序的信任库。