Error :

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Resolve method :

 import java.io.BufferedReader;

 import java.io.File;

 import java.io.FileInputStream;

 import java.io.FileOutputStream;

 import java.io.InputStream;

 import java.io.InputStreamReader;

 import java.io.OutputStream;

 import java.security.KeyStore;

 import java.security.MessageDigest;

 import java.security.cert.CertificateException;

 import java.security.cert.X509Certificate;

 import javax.net.ssl.SSLContext;

 import javax.net.ssl.SSLException;

 import javax.net.ssl.SSLSocket;

 import javax.net.ssl.SSLSocketFactory;

 import javax.net.ssl.TrustManager;

 import javax.net.ssl.TrustManagerFactory;

 import javax.net.ssl.X509TrustManager;

 public class InstallCert {

     public static void main(String[] args) throws Exception {

         args[0]="www.google.com";

         String host;

         int port;

         char[] passphrase;

         //System.setProperty("javax.net.ssl.trustStore", "C:\\Users\\PL62716\\workspace\\urlAutoConnect\\jssecacerts");

         if ((args.length == 1) || (args.length == 2)) {

             String[] c = args[0].split(":");

             host = c[0];

             port = (c.length == 1) ? 443 : Integer.parseInt(c[1]);

             String p = (args.length == 1) ? "changeit" : args[1];

             passphrase = p.toCharArray();

         } else {

             System.out

                     .println("Usage: java InstallCert <host>[:port] [passphrase]");

             return;

         }

         File file = new File("jssecacerts");

         if (file.isFile() == false) {

             char SEP = File.separatorChar;

             File dir = new File(System.getProperty("java.home") + SEP + "lib"

                     + SEP + "security");

             file = new File(dir, "jssecacerts");

             if (file.isFile() == false) {

                 file = new File(dir, "cacerts");

             }

         }

         System.out.println("Loading KeyStore " + file + "...");

         InputStream in = new FileInputStream(file);

         KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());

         ks.load(in, passphrase);

         in.close();

         SSLContext context = SSLContext.getInstance("TLS");

         TrustManagerFactory tmf = TrustManagerFactory

                 .getInstance(TrustManagerFactory.getDefaultAlgorithm());

         tmf.init(ks);

         X509TrustManager defaultTrustManager = (X509TrustManager) tmf

                 .getTrustManagers()[0];

         SavingTrustManager tm = new SavingTrustManager(defaultTrustManager);

         context.init(null, new TrustManager[] { tm }, null);

         SSLSocketFactory factory = context.getSocketFactory();

         System.out

                 .println("Opening connection to " + host + ":" + port + "...");

         SSLSocket socket = (SSLSocket) factory.createSocket(host, port);

         socket.setSoTimeout(10000);

         try {

             System.out.println("Starting SSL handshake...");

             socket.startHandshake();

             socket.close();

             System.out.println();

             System.out.println("No errors, certificate is already trusted");

         } catch (SSLException e) {

             System.out.println();

             e.printStackTrace(System.out);

         }

         X509Certificate[] chain = tm.chain;

         if (chain == null) {

             System.out.println("Could not obtain server certificate chain");

             return;

         }

         BufferedReader reader = new BufferedReader(new InputStreamReader(

                 System.in));

         System.out.println();

         System.out.println("Server sent " + chain.length + " certificate(s):");

         System.out.println();

         MessageDigest sha1 = MessageDigest.getInstance("SHA1");

         MessageDigest md5 = MessageDigest.getInstance("MD5");

         for (int i = 0; i < chain.length; i++) {

             X509Certificate cert = chain[i];

             System.out.println(" " + (i + 1) + " Subject "

                     + cert.getSubjectDN());

             System.out.println("   Issuer  " + cert.getIssuerDN());

             sha1.update(cert.getEncoded());

             System.out.println("   sha1    " + toHexString(sha1.digest()));

             md5.update(cert.getEncoded());

             System.out.println("   md5     " + toHexString(md5.digest()));

             System.out.println();

         }

         System.out

                 .println("Enter certificate to add to trusted keystore or 'q' to quit: [1]");

         String line = reader.readLine().trim();

         int k;

         try {

             k = (line.length() == 0) ? 0 : Integer.parseInt(line) - 1;

         } catch (NumberFormatException e) {

             System.out.println("KeyStore not changed");

             return;

         }

         X509Certificate cert = chain[k];

         String alias = host + "-" + (k + 1);

         ks.setCertificateEntry(alias, cert);

         OutputStream out = new FileOutputStream("jssecacerts");

         ks.store(out, passphrase);

         out.close();

         System.out.println();

         System.out.println(cert);

         System.out.println();

         System.out

                 .println("Added certificate to keystore 'jssecacerts' using alias '"

                         + alias + "'");

     }

     private static final char[] HEXDIGITS = "0123456789abcdef".toCharArray();

     private static String toHexString(byte[] bytes) {

         StringBuilder sb = new StringBuilder(bytes.length * 3);

         for (int b : bytes) {

             b &= 0xff;

             sb.append(HEXDIGITS[b >> 4]);

             sb.append(HEXDIGITS[b & 15]);

             sb.append(' ');

         }

         return sb.toString();

     }

     private static class SavingTrustManager implements X509TrustManager {

         private final X509TrustManager tm;

         private X509Certificate[] chain;

         SavingTrustManager(X509TrustManager tm) {

             this.tm = tm;

         }

         public X509Certificate[] getAcceptedIssuers() {

             throw new UnsupportedOperationException();

         }

         public void checkClientTrusted(X509Certificate[] chain, String authType)

                 throws CertificateException {

             throw new UnsupportedOperationException();

         }

         public void checkServerTrusted(X509Certificate[] chain, String authType)

                 throws CertificateException {

             this.chain = chain;

             tm.checkServerTrusted(chain, authType);

         }

     }

 }
java InstallCert www.twitter.com

Loading KeyStore /usr/java/jdk1.6.0_16/jre/lib/security/cacerts...

Opening connection to www.twitter.com:443...

Starting SSL handshake...  

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

    at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150)

    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1476)

    at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:174)

    at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:168)

    at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:846)

    at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:106)

    at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:495)

    at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:433)

    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:815)

    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1025)

    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1038)

    at InstallCert.main(InstallCert.java:63)

Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

    at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:221)

    at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:145)

    at sun.security.validator.Validator.validate(Validator.java:203)

    at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:172)

    at InstallCert$SavingTrustManager.checkServerTrusted(InstallCert.java:158)

    at com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(SSLContextImpl.java:320)

    at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:839)

    ... 7 more

Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

    at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:236)

    at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:194)

    at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:216)

    ... 13 more  

Server sent 2 certificate(s):  

 1 Subject CN=www.twitter.com, O=example.com, C=US

   Issuer  CN=Certificate Shack, O=example.com, C=US

   sha1    2e 7f 76 9b 52 91 09 2e 5d 8f 6b 61 39 2d 5e 06 e4 d8 e9 c7

   md5     dd d1 a8 03 d7 6c 4b 11 a7 3d 74 28 89 d0 67 54   

 2 Subject CN=Certificate Shack, O=example.com, C=US

   Issuer  CN=Certificate Shack, O=example.com, C=US

   sha1    fb 58 a7 03 c4 4e 3b 0e e3 2c 40 2f 87 64 13 4d df e1 a1 a6

   md5     72 a0 95 43 7e 41 88 18 ae 2f 6d 98 01 2c 89 68   

Enter certificate to add to trusted keystore or 'q' to quit: [1]

run application result

(1) Input 1, Enter, will generate Security certificate named "jssecacerts"

(2) Copy this file "jssecacerts" to directory "$JAVA_HOME/jre/lib/security"  or use the following way: System.setProperty("javax.net.ssl.trustStore", "你的jssecacerts证书路径");

(3) Restart the web  server, the certificate will take effect.

unable to find valid certification path to requested target的更多相关文章

  1. 解决PKIX:unable to find valid certification path to requested target 的问题

    这两天在twitter服务器上忽然遇到这样的异常: e: sun.security.validator.ValidatorException: PKIX path building failed: s ...

  2. 解决 java 使用ssl过程中出现"PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target"

    今天,封装HttpClient使用ssl时报一下错误: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorExc ...

  3. 解决PKIX(PKIX path building failed) 问题 unable to find valid certification path to requested target

    最近在写java的一个服务,需要给远程服务器发送post请求,认证方式为Basic Authentication,在请求过程中出现了 PKIX path building failed: sun.se ...

  4. Pop3_解决PKIX:unable to find valid certification path to requested target 的问题

    最近有公司pop3协议接收pp邮箱出现异常,连不上服务器,错误内容: e: sun.security.validator.ValidatorException: PKIX path building ...

  5. https编程遇到PKIX:unable to find valid certification path to requested target 的问题

    https编程遇到PKIX:unable to find valid certification path to requested target 的问题 2016-12-01 解决方案见:解决PKI ...

  6. PKIX:unable to find valid certification path to requested target

    1.Communications link failure,The last packet successfully received from the server was * **millisec ...

  7. 解决flutter:unable to find valid certification path to requested target 的问题

    1.问题 周末在家想搞搞flutter,家里电脑是windows的,按照官网教程一步步安装好以后,创建flutter工程,点击运行,一片红色弹出来,WTF? PKIX path building fa ...

  8. 工作日志,证书无效 unable to find valid certification path to requested target

    工作日志,证书无效 unable to find valid certification path to requested target 最近被这个问题弄得头大.导致所有用到 se.transmod ...

  9. java程序中访问https时,报 PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

    在java中使用https访问数据时报异常: Caused by: sun.security.validator.ValidatorException: PKIX path building fail ...

随机推荐

  1. Cassandra笔记--2. 安装

    1. 从apache官网下载Cassandra,我用的版本是2.1.8.压缩包解压,这里的目录是D:\cassandra\apache-cassandra-2.1.8 2. 配置环境变量  添加环境变 ...

  2. VS2010 Command Prompt Error:Cannot determine the location of the VS Common Tools folder

    就在VS2010 Command Prompt 用vcvarsall.bat x64重新设置环境变量的时候,出现了标题中的错误.原因就在参考链接中 References: http://stackov ...

  3. 转:linux执行shell脚本的方式及一些区别

    假设shell脚本文件为hello.sh放在/root目录下.下面介绍几种在终端执行shell脚本的方法: [root@localhost home]# cd /root/ [root@localho ...

  4. 【转】FAE及其发展前景

    原文网址:http://blog.sina.com.cn/s/blog_6e80c27b0100okd9.html FAE Field Application Engineer(现场应用工程师) ,其 ...

  5. cf443B Kolya and Tandem Repeat

    B. Kolya and Tandem Repeat time limit per test 2 seconds memory limit per test 256 megabytes input s ...

  6. opencv视频跟踪2

    在前面的报告中我们实现了用SURF算法计算目标在移动摄像机拍摄到的视频中的位置.由于摄像机本身像素的限制,加之算法处理时间会随着图像质量的提高而提高,实际实验发现在背景复杂的情况下,结果偏差可能会很大 ...

  7. 负重前行的婚纱线上路 - i天下网商-最具深度的电商知识媒体

    负重前行的婚纱线上路 - i天下网商-最具深度的电商知识媒体 负重前行的婚纱线上路

  8. 基于PCA的特征提取

    图像处理方面的知识也学了一段时间了,总是光看理论的话,感觉联系不上实际,第一次把理论综合的实现出来,对这些理论的印象才感觉的更深刻,也能够为后续的学习打下良好的基础. PCA是比较老的算法,但是可靠性 ...

  9. Unity 单元测试(PLUnitTest工具)

    代码测试的由来 上几个星期上面分配给我一个装备系统,我经过了几个星期的战斗写完90%的代码. 后来策划告诉我需求有一定的改动,我就随着策划的意思修改了代码. 但是测试(Xu)告诉我装备系统很多功能都用 ...

  10. pyqt时间

    # -*- coding: utf-8 -*-__author__ = 'Administrator'from PyQt4 import QtCore, QtGui class Help(QtGui. ...