java ssl握手异常pkix路径构建失败

时间:2018-11-05 07:14:54

标签: java ssl keystore rundeck

有人可以帮我解决以下问题。我已经搜索了整个群组。我找到了一些链接,但没有帮助我解决问题。

我们最近将Java和Rundeck升级到了最新版本。

遵循本文档https://rundeck.org/docs/upgrading/upgrade-to-rundeck-3.x.html

,Rundeck已从Rundeck 2.11.X升级到Rundeck3.X。

使用yum进行升级。在一段时间后,我注意到service.log

中出现了许多错误,Rundeck URL通过SSL可以很好地加载 
com.amazonaws.SdkClientException: Unable to execute HTTP request: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at com.amazonaws.http.AmazonHttpClient$RequestExecutor.handleRetryableException(AmazonHttpClient.java:1069)
    at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeHelper(AmazonHttpClient.java:1035)
    at com.amazonaws.http.AmazonHttpClient$RequestExecutor.doExecute(AmazonHttpClient.java:742)
    at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeWithTimer(AmazonHttpClient.java:716)
    at com.amazonaws.http.AmazonHttpClient$RequestExecutor.execute(AmazonHttpClient.java:699)
    at com.amazonaws.http.AmazonHttpClient$RequestExecutor.access$500(AmazonHttpClient.java:667)
    at com.amazonaws.http.AmazonHttpClient$RequestExecutionBuilderImpl.execute(AmazonHttpClient.java:649)
    at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:513

因此,我已按照本文档https://rundeck.org/docs/administration/security/configuring-ssl.html

重新配置了SSL

我从ps命令rundeck看到指向正确的信任库文件,这里是完整的过程命令

rundeck   2455  2447 37 12:26 ?        00:01:13 java -Drundeck.jaaslogin=true -Djava.security.auth.login.config=/etc/rundeck/jaas-loginmodule.conf -Dloginmodule.name=RDpropertyfilelogin -Drdeck.config=/etc/rundeck -Drundeck.server.configDir=/etc/rundeck -Dserver.datastore.path=/var/lib/rundeck/data/rundeck -Drundeck.server.serverDir=/var/lib/rundeck -Drdeck.projects=/var/lib/rundeck/projects -Drdeck.runlogs=/var/lib/rundeck/logs -Drundeck.config.location=/etc/rundeck/rundeck-config.properties -Djava.io.tmpdir=/tmp/rundeck -Drundeck.server.workDir=/tmp/rundeck -Dserver.http.port=4440 -Drdeck.base=/var/lib/rundeck -Xmx1024m -Xms256m -XX:MaxMetaspaceSize=256m -server -Drundeck.ssl.config=/etc/rundeck/ssl/ssl.properties -Dserver.https.port=4443 -Djavax.net.ssl.trustStore=/etc/rundeck/ssl/truststore -Djavax.net.ssl.trustStoreType=jks -Djava.protocol.handler.pkgs=com.sun.net.ssl.internal.www.protocol -Xmx1024m -Xms256m -XX:MaxMetaspaceSize=256m -server -Djavax.net.ssl.trustStore=/etc/rundeck/ssl/truststore -Djavax.net.ssl.trustStoreType=jks -Djava.protocol.handler.pkgs=com.sun.net.ssl.internal.www.protocol -jar /var/lib/rundeck/bootstrap/rundeck-3.0.8-20181029.war --skipinstall

java -version 
openjdk version "1.8.0_181"
OpenJDK Runtime Environment (build 1.8.0_181-b13)
OpenJDK 64-Bit Server VM (build 25.181-b13, mixed mode)

Ec2节点插件无法获取具有上述错误的节点信息,电子邮件发送也因相同错误而失败。

0 个答案:

没有答案
相关问题
最新问题