今天用java HttpClients写爬虫在访问某Https站点报如下错误:

sun.security.validator.ValidatorException: PKIX path building failed...

网上找了找解决方案,看到这篇博客:http://www.oschina.net/question/12_19249

http://www.oschina.net/code/snippet_12_4092

经测试,解决问题,这里做个记录。

/*

 * Copyright 2006 Sun Microsystems, Inc.  All Rights Reserved.

 *

 * Redistribution and use in source and binary forms, with or without

 * modification, are permitted provided that the following conditions

 * are met:

 *

 *   - Redistributions of source code must retain the above copyright

 *     notice, this list of conditions and the following disclaimer.

 *

 *   - Redistributions in binary form must reproduce the above copyright

 *     notice, this list of conditions and the following disclaimer in the

 *     documentation and/or other materials provided with the distribution.

 *

 *   - Neither the name of Sun Microsystems nor the names of its

 *     contributors may be used to endorse or promote products derived

 *     from this software without specific prior written permission.

 *

 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS

 * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,

 * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR

 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT OWNER OR

 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,

 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,

 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR

 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF

 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING

 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS

 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

 */

import java.io.*;

import java.net.URL;

import java.security.*;

import java.security.cert.*;

import javax.net.ssl.*;

public class InstallCert {

    public static void main(String[] args) throws Exception {

    String host;

    int port;

    char[] passphrase;

    if ((args.length == ) || (args.length == )) {

        String[] c = args[].split(":");

        host = c[];

        port = (c.length == ) ?  : Integer.parseInt(c[]);

        String p = (args.length == ) ? "changeit" : args[];

        passphrase = p.toCharArray();

    } else {

        System.out.println("Usage: java InstallCert <host>[:port] [passphrase]");

        return;

    }

    File file = new File("jssecacerts");

    if (file.isFile() == false) {

        char SEP = File.separatorChar;

        File dir = new File(System.getProperty("java.home") + SEP

            + "lib" + SEP + "security");

        file = new File(dir, "jssecacerts");

        if (file.isFile() == false) {

        file = new File(dir, "cacerts");

        }

    }

    System.out.println("Loading KeyStore " + file + "...");

    InputStream in = new FileInputStream(file);

    KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());

    ks.load(in, passphrase);

    in.close();

    SSLContext context = SSLContext.getInstance("TLS");

    TrustManagerFactory tmf =

        TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());

    tmf.init(ks);

    X509TrustManager defaultTrustManager = (X509TrustManager)tmf.getTrustManagers()[];

    SavingTrustManager tm = new SavingTrustManager(defaultTrustManager);

    context.init(null, new TrustManager[] {tm}, null);

    SSLSocketFactory factory = context.getSocketFactory();

    System.out.println("Opening connection to " + host + ":" + port + "...");

    SSLSocket socket = (SSLSocket)factory.createSocket(host, port);

    socket.setSoTimeout();

    try {

        System.out.println("Starting SSL handshake...");

        socket.startHandshake();

        socket.close();

        System.out.println();

        System.out.println("No errors, certificate is already trusted");

    } catch (SSLException e) {

        System.out.println();

        e.printStackTrace(System.out);

    }

    X509Certificate[] chain = tm.chain;

    if (chain == null) {

        System.out.println("Could not obtain server certificate chain");

        return;

    }

    BufferedReader reader =

        new BufferedReader(new InputStreamReader(System.in));

    System.out.println();

    System.out.println("Server sent " + chain.length + " certificate(s):");

    System.out.println();

    MessageDigest sha1 = MessageDigest.getInstance("SHA1");

    MessageDigest md5 = MessageDigest.getInstance("MD5");

    for (int i = ; i < chain.length; i++) {

        X509Certificate cert = chain[i];

        System.out.println

            (" " + (i + ) + " Subject " + cert.getSubjectDN());

        System.out.println("   Issuer  " + cert.getIssuerDN());

        sha1.update(cert.getEncoded());

        System.out.println("   sha1    " + toHexString(sha1.digest()));

        md5.update(cert.getEncoded());

        System.out.println("   md5     " + toHexString(md5.digest()));

        System.out.println();

    }

    System.out.println("Enter certificate to add to trusted keystore or 'q' to quit: [1]");

    String line = reader.readLine().trim();

    int k;

    try {

        k = (line.length() == ) ?  : Integer.parseInt(line) - ;

    } catch (NumberFormatException e) {

        System.out.println("KeyStore not changed");

        return;

    }

    X509Certificate cert = chain[k];

    String alias = host + "-" + (k + );

    ks.setCertificateEntry(alias, cert);

    OutputStream out = new FileOutputStream("jssecacerts");

    ks.store(out, passphrase);

    out.close();

    System.out.println();

    System.out.println(cert);

    System.out.println();

    System.out.println

        ("Added certificate to keystore 'jssecacerts' using alias '"

        + alias + "'");

    }

    private static final char[] HEXDIGITS = "0123456789abcdef".toCharArray();

    private static String toHexString(byte[] bytes) {

    StringBuilder sb = new StringBuilder(bytes.length * );

    for (int b : bytes) {

        b &= 0xff;

        sb.append(HEXDIGITS[b >> ]);

        sb.append(HEXDIGITS[b & ]);

        sb.append(' ');

    }

    return sb.toString();

    }

    private static class SavingTrustManager implements X509TrustManager {

    private final X509TrustManager tm;

    private X509Certificate[] chain;

    SavingTrustManager(X509TrustManager tm) {

        this.tm = tm;

    }

    public X509Certificate[] getAcceptedIssuers() {

        throw new UnsupportedOperationException();

    }

    public void checkClientTrusted(X509Certificate[] chain, String authType)

        throws CertificateException {

        throw new UnsupportedOperationException();

    }

    public void checkServerTrusted(X509Certificate[] chain, String authType)

        throws CertificateException {

        this.chain = chain;

        tm.checkServerTrusted(chain, authType);

    }

    }

}

编译:javac InstallCert.java 
运行:java InstallCert ecc.fedora.redhat.com

C:\Program Files\Java\jdk1.8.0_74\jre\lib\security

解决 sun.security.validator.ValidatorException: PKIX path building failed的更多相关文章

  1. 抓取https网页时,报错sun.security.validator.ValidatorException: PKIX path building failed 解决办法

    抓取https网页时,报错sun.security.validator.ValidatorException: PKIX path building failed 解决办法 原因是https证书问题, ...

  2. 异常信息:javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed

    上周五遇到一个问题,工程本地编译运行正常,打包本地tomcat运行也正常.部署到测试环境报错: 2017-05-05 09:38:11.645 ERROR [HttpPoolClientsUtil.j ...

  3. Maven:sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

    还是记录使用 maven 时遇到的问题. 一.maven报错 maven package 进行打包时出现了以下报错: Non-resolvable parent POM for com.wpbxin: ...

  4. javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed

    1.使用HttpClient4.3 调用https出现如下错误: javax.net.ssl.SSLHandshakeException: sun.security.validator.Validat ...

  5. javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certificatio

    场景:Java调用PHP接口,代码部署在服务器上后,调用报错,显示PHP服务器那边证书我这边服务器不信任(我猜的). 异常信息: 2019-08-06 14:00:09,102 [http-nio-4 ...

  6. mvn 编译报错mavn sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested targ

    mavn 编译报错: mavn sun.security.validator.ValidatorException: PKIX path building failed: sun.security.p ...

  7. ES访问遇到sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

    cmd命令cd到jre/bin目录下 输入命令keytool -import -alias 别名 -keystore cacerts -file ‪C://certs//elasticsearch// ...

  8. sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

    httpclient-4.5.jar 定时发送http包,忽然有一天报错,http证书变更引起的. 之前的代码 try { CloseableHttpClient httpClient = build ...

  9. javax.net.ssl.sslhandshakeException:sun.security.validator.validatorException:PKIX path buildind failed

    前段时间开发的一个需求,需要通过图片URL获取图片的base64编码,测试的时候使用的是百度图片的url,测试没有问题,但是发布后测试时报如下错: javax.net.ssl.sslhandshake ...

随机推荐

  1. jQuery之css

    设置css样式/读取css值 css() 1. 得到第一个p标签的颜色 2. 设置所有p标签的文本颜色为red 3. 设置第2个p的字体颜色(#ff0011),背景(blue),宽(300px), 高 ...

  2. [2017BUAA软工]第一次博客作业

    一.一些疑问 看书看得比较慢,暂时只思考了以下几个问题,有些自问自答,不知道符合不符合要求…… [1] 第一章中书上提到了这样一个例子: “如果一架民用飞机上有需求,用户使用它的概率是百万分之一,你还 ...

  3. app测试更多机型系统解决方法

    手头上测试机有限,不可能每个机型每个系统都 有一部手机,此时寻求一个什么都有的测试平台就显得尤为重要了. 作为小白的我刚刚使用了一波腾讯优测,简单粗暴有效给力,而且新注册认证用户还有60min免费使用 ...

  4. 设计模式PHP篇(三)————装饰器模式

    简单的用php实现了装饰器模式: <?php /** *简单的装饰器模式 */ class PrintText { protected $decorators = []; public func ...

  5. ci事务

    CI框架百问百答:CodeIgniter的事务用法?--第9问 时间 2013-06-06 10:57:45  CSDN博客 原文  http://blog.csdn.net/haor2756/art ...

  6. JMS学习一(JMS介绍)

    一.JMS是个什么鬼 1.百度百科解释:JMS即Java消息服务(Java Message Service)应用程序接口,是一个Java平台中关于面向消息中间件(MOM)的API,用于在两个应用程序之 ...

  7. Android Studio- 把项目提交到SVN中操作方法

    第一步 下载SVN,下载完成之后,需要吧command line client tools点击修改安装 然后Crash Reporter点击选择取消安装 如果不进行该操作,则可能在C:\Program ...

  8. Fetch POST All in One

    Fetch POST All in One FPAIO "use strict"; /** * * @author xgqfrms * @license MIT * @copyri ...

  9. 【bzoj2741】[FOTILE模拟赛]L 可持久化Trie树+分块

    题目描述 FOTILE得到了一个长为N的序列A,为了拯救地球,他希望知道某些区间内的最大的连续XOR和. 即对于一个询问,你需要求出max(Ai xor Ai+1 xor Ai+2 ... xor A ...

  10. 【明哥报错簿】之【解决eclipse项目小红叉】

    解决方案: 0.如果是jdk版本不一致,直接右击项目名称,选择maven里面的update project.原因一般是maven的pom.xml里面设置的编译插件org.apache.maven.pl ...