Error :

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Resolve method :

 import java.io.BufferedReader;

 import java.io.File;

 import java.io.FileInputStream;

 import java.io.FileOutputStream;

 import java.io.InputStream;

 import java.io.InputStreamReader;

 import java.io.OutputStream;

 import java.security.KeyStore;

 import java.security.MessageDigest;

 import java.security.cert.CertificateException;

 import java.security.cert.X509Certificate;

 import javax.net.ssl.SSLContext;

 import javax.net.ssl.SSLException;

 import javax.net.ssl.SSLSocket;

 import javax.net.ssl.SSLSocketFactory;

 import javax.net.ssl.TrustManager;

 import javax.net.ssl.TrustManagerFactory;

 import javax.net.ssl.X509TrustManager;

 public class InstallCert {

     public static void main(String[] args) throws Exception {

         args[0]="www.google.com";

         String host;

         int port;

         char[] passphrase;

         //System.setProperty("javax.net.ssl.trustStore", "C:\\Users\\PL62716\\workspace\\urlAutoConnect\\jssecacerts");

         if ((args.length == 1) || (args.length == 2)) {

             String[] c = args[0].split(":");

             host = c[0];

             port = (c.length == 1) ? 443 : Integer.parseInt(c[1]);

             String p = (args.length == 1) ? "changeit" : args[1];

             passphrase = p.toCharArray();

         } else {

             System.out

                     .println("Usage: java InstallCert <host>[:port] [passphrase]");

             return;

         }

         File file = new File("jssecacerts");

         if (file.isFile() == false) {

             char SEP = File.separatorChar;

             File dir = new File(System.getProperty("java.home") + SEP + "lib"

                     + SEP + "security");

             file = new File(dir, "jssecacerts");

             if (file.isFile() == false) {

                 file = new File(dir, "cacerts");

             }

         }

         System.out.println("Loading KeyStore " + file + "...");

         InputStream in = new FileInputStream(file);

         KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());

         ks.load(in, passphrase);

         in.close();

         SSLContext context = SSLContext.getInstance("TLS");

         TrustManagerFactory tmf = TrustManagerFactory

                 .getInstance(TrustManagerFactory.getDefaultAlgorithm());

         tmf.init(ks);

         X509TrustManager defaultTrustManager = (X509TrustManager) tmf

                 .getTrustManagers()[0];

         SavingTrustManager tm = new SavingTrustManager(defaultTrustManager);

         context.init(null, new TrustManager[] { tm }, null);

         SSLSocketFactory factory = context.getSocketFactory();

         System.out

                 .println("Opening connection to " + host + ":" + port + "...");

         SSLSocket socket = (SSLSocket) factory.createSocket(host, port);

         socket.setSoTimeout(10000);

         try {

             System.out.println("Starting SSL handshake...");

             socket.startHandshake();

             socket.close();

             System.out.println();

             System.out.println("No errors, certificate is already trusted");

         } catch (SSLException e) {

             System.out.println();

             e.printStackTrace(System.out);

         }

         X509Certificate[] chain = tm.chain;

         if (chain == null) {

             System.out.println("Could not obtain server certificate chain");

             return;

         }

         BufferedReader reader = new BufferedReader(new InputStreamReader(

                 System.in));

         System.out.println();

         System.out.println("Server sent " + chain.length + " certificate(s):");

         System.out.println();

         MessageDigest sha1 = MessageDigest.getInstance("SHA1");

         MessageDigest md5 = MessageDigest.getInstance("MD5");

         for (int i = 0; i < chain.length; i++) {

             X509Certificate cert = chain[i];

             System.out.println(" " + (i + 1) + " Subject "

                     + cert.getSubjectDN());

             System.out.println("   Issuer  " + cert.getIssuerDN());

             sha1.update(cert.getEncoded());

             System.out.println("   sha1    " + toHexString(sha1.digest()));

             md5.update(cert.getEncoded());

             System.out.println("   md5     " + toHexString(md5.digest()));

             System.out.println();

         }

         System.out

                 .println("Enter certificate to add to trusted keystore or 'q' to quit: [1]");

         String line = reader.readLine().trim();

         int k;

         try {

             k = (line.length() == 0) ? 0 : Integer.parseInt(line) - 1;

         } catch (NumberFormatException e) {

             System.out.println("KeyStore not changed");

             return;

         }

         X509Certificate cert = chain[k];

         String alias = host + "-" + (k + 1);

         ks.setCertificateEntry(alias, cert);

         OutputStream out = new FileOutputStream("jssecacerts");

         ks.store(out, passphrase);

         out.close();

         System.out.println();

         System.out.println(cert);

         System.out.println();

         System.out

                 .println("Added certificate to keystore 'jssecacerts' using alias '"

                         + alias + "'");

     }

     private static final char[] HEXDIGITS = "0123456789abcdef".toCharArray();

     private static String toHexString(byte[] bytes) {

         StringBuilder sb = new StringBuilder(bytes.length * 3);

         for (int b : bytes) {

             b &= 0xff;

             sb.append(HEXDIGITS[b >> 4]);

             sb.append(HEXDIGITS[b & 15]);

             sb.append(' ');

         }

         return sb.toString();

     }

     private static class SavingTrustManager implements X509TrustManager {

         private final X509TrustManager tm;

         private X509Certificate[] chain;

         SavingTrustManager(X509TrustManager tm) {

             this.tm = tm;

         }

         public X509Certificate[] getAcceptedIssuers() {

             throw new UnsupportedOperationException();

         }

         public void checkClientTrusted(X509Certificate[] chain, String authType)

                 throws CertificateException {

             throw new UnsupportedOperationException();

         }

         public void checkServerTrusted(X509Certificate[] chain, String authType)

                 throws CertificateException {

             this.chain = chain;

             tm.checkServerTrusted(chain, authType);

         }

     }

 }
java InstallCert www.twitter.com

Loading KeyStore /usr/java/jdk1.6.0_16/jre/lib/security/cacerts...

Opening connection to www.twitter.com:443...

Starting SSL handshake...  

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

    at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150)

    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1476)

    at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:174)

    at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:168)

    at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:846)

    at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:106)

    at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:495)

    at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:433)

    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:815)

    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1025)

    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1038)

    at InstallCert.main(InstallCert.java:63)

Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

    at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:221)

    at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:145)

    at sun.security.validator.Validator.validate(Validator.java:203)

    at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:172)

    at InstallCert$SavingTrustManager.checkServerTrusted(InstallCert.java:158)

    at com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(SSLContextImpl.java:320)

    at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:839)

    ... 7 more

Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

    at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:236)

    at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:194)

    at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:216)

    ... 13 more  

Server sent 2 certificate(s):  

 1 Subject CN=www.twitter.com, O=example.com, C=US

   Issuer  CN=Certificate Shack, O=example.com, C=US

   sha1    2e 7f 76 9b 52 91 09 2e 5d 8f 6b 61 39 2d 5e 06 e4 d8 e9 c7

   md5     dd d1 a8 03 d7 6c 4b 11 a7 3d 74 28 89 d0 67 54   

 2 Subject CN=Certificate Shack, O=example.com, C=US

   Issuer  CN=Certificate Shack, O=example.com, C=US

   sha1    fb 58 a7 03 c4 4e 3b 0e e3 2c 40 2f 87 64 13 4d df e1 a1 a6

   md5     72 a0 95 43 7e 41 88 18 ae 2f 6d 98 01 2c 89 68   

Enter certificate to add to trusted keystore or 'q' to quit: [1]

run application result

(1) Input 1, Enter, will generate Security certificate named "jssecacerts"

(2) Copy this file "jssecacerts" to directory "$JAVA_HOME/jre/lib/security"  or use the following way: System.setProperty("javax.net.ssl.trustStore", "你的jssecacerts证书路径");

(3) Restart the web  server, the certificate will take effect.

unable to find valid certification path to requested target的更多相关文章

  1. 解决PKIX:unable to find valid certification path to requested target 的问题

    这两天在twitter服务器上忽然遇到这样的异常: e: sun.security.validator.ValidatorException: PKIX path building failed: s ...

  2. 解决 java 使用ssl过程中出现"PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target"

    今天,封装HttpClient使用ssl时报一下错误: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorExc ...

  3. 解决PKIX(PKIX path building failed) 问题 unable to find valid certification path to requested target

    最近在写java的一个服务,需要给远程服务器发送post请求,认证方式为Basic Authentication,在请求过程中出现了 PKIX path building failed: sun.se ...

  4. Pop3_解决PKIX:unable to find valid certification path to requested target 的问题

    最近有公司pop3协议接收pp邮箱出现异常,连不上服务器,错误内容: e: sun.security.validator.ValidatorException: PKIX path building ...

  5. https编程遇到PKIX:unable to find valid certification path to requested target 的问题

    https编程遇到PKIX:unable to find valid certification path to requested target 的问题 2016-12-01 解决方案见:解决PKI ...

  6. PKIX:unable to find valid certification path to requested target

    1.Communications link failure,The last packet successfully received from the server was * **millisec ...

  7. 解决flutter:unable to find valid certification path to requested target 的问题

    1.问题 周末在家想搞搞flutter,家里电脑是windows的,按照官网教程一步步安装好以后,创建flutter工程,点击运行,一片红色弹出来,WTF? PKIX path building fa ...

  8. 工作日志,证书无效 unable to find valid certification path to requested target

    工作日志,证书无效 unable to find valid certification path to requested target 最近被这个问题弄得头大.导致所有用到 se.transmod ...

  9. java程序中访问https时,报 PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

    在java中使用https访问数据时报异常: Caused by: sun.security.validator.ValidatorException: PKIX path building fail ...

随机推荐

  1. eclipse安装lombok插件

    1:下载jar https://projectlombok.org/download.html 2:双击下载的lombok.jar 安装 3:如果eclipse没有安装到默认目录,需要手动选择ecli ...

  2. hdu 畅通工程再续

    http://acm.hdu.edu.cn/showproblem.php?pid=1875 #include <cstdio> #include <cstring> #inc ...

  3. zoj3802:easy 2048 again(状压dp)

    zoj月赛的题目,非常不错的一个状压dp.. 题目大意是一个一维的2048游戏 只要有相邻的相同就会合并,合并之后会有奖励分数,总共n个,每个都可以取或者不取 问最终得到的最大值 数据范围n<= ...

  4. 多重背包问题的两种O(M*N)解法

    多重背包的题目很多,最著名的是poj1742楼教主的男人八题之一. poj1742:coins 有几种面值的钱币和每种的数量,问能够组成m以内的多少种钱数 这个题大家都归为多重背包问题,不过跟实际意义 ...

  5. ext3中xtype属性汇总

    基本组件: xtype Class 描述 button Ext.Button 按钮 splitbutton Ext.SplitButton 带下拉菜单的按钮 cycle Ext.CycleButton ...

  6. scala中的view bound与context bound

    1.scala中的<%意识是“view bounds”(视界) ,它比<:的使用范围更广,还能进行隐式转换,是一种语法糖. 下面的两种写法是等效的,在编译之后完全一样. object Te ...

  7. Oracle查找重复数据

    Select * From 表 Where 重复字段 In (Select 重复字段 From 表 Group By 重复字段 Having Count(*)>1)

  8. select radio readonly

    首先 select radio 设置 disable的会无法提交数据. 这让我很头疼  而且 readonly 无效 后来发现.我把自己绕进去了..一般涉及 只读都是 不让用户修改 .而后台只更新 可 ...

  9. 一致性哈希与java实现

    一致性哈希算法是分布式系统中常用的算法.比如,一个分布式的存储系统,要将数据存储到具体的节点上,如果采用普通的hash方法,将数据映射到具体的节点上,如key%N,key是数据的key,N是机器节点数 ...

  10. ComboBox绑定数据源时触发SelectedIndexChanged事件的处理办法

    转载:http://blog.sina.com.cn/s/blog_629e606f01014d4b.html ComboBox最经常使用的事件就是SelectedIndexChanged.但在将Co ...