我有一个Kotlin程序,它使用jsoup从某个网站下载数据。在IntelliJ IDEA中对其进行测试,效果很好。当我生成JAR工件时,它会失败,并显示javax.net.ssl.SSLHandshakeException。
我已经在Windows和Linux的1.8和10的多个JRE安装上进行了测试,包括IntelliJ随附的副本,并且JAR每次都会失败。该站点的根证书是DigiCert Global Root G2,对于我测试过的每个安装,它似乎都在cacerts中—指纹匹配且所有内容。
我用-Djavax.net.debug=ssl运行JAR,并且在输出末尾包含了它。可根据要求提供更多摘录。
%% Invalidated: [Session-1, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
main, SEND TLSv1.2 ALERT: fatal, description = certificate_unknown
main, WRITE: TLSv1.2 Alert, length = 2
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
main, called close()
main, called closeInternal(true)
Exception in thread "main" javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Unknown Source)
at ...
答案 0 :(得分:0)
对于 IntelliJ-IDEA,请使用内置的信任证书插件:
https://www.jetbrains.com/help/idea/settings-tools-server-certificates.html
它还有一个复选框,让您可以忽略证书。