今天用java HttpClients写爬虫在访问某Https站点报如下错误:

sun.security.validator.ValidatorException: PKIX path building failed...

网上找了找解决方案,看到这篇博客:http://www.oschina.net/question/12_19249

http://www.oschina.net/code/snippet_12_4092

经测试,解决问题,这里做个记录。

/*

 * Copyright 2006 Sun Microsystems, Inc.  All Rights Reserved.

 *

 * Redistribution and use in source and binary forms, with or without

 * modification, are permitted provided that the following conditions

 * are met:

 *

 *   - Redistributions of source code must retain the above copyright

 *     notice, this list of conditions and the following disclaimer.

 *

 *   - Redistributions in binary form must reproduce the above copyright

 *     notice, this list of conditions and the following disclaimer in the

 *     documentation and/or other materials provided with the distribution.

 *

 *   - Neither the name of Sun Microsystems nor the names of its

 *     contributors may be used to endorse or promote products derived

 *     from this software without specific prior written permission.

 *

 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS

 * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,

 * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR

 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT OWNER OR

 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,

 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,

 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR

 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF

 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING

 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS

 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

 */

import java.io.*;

import java.net.URL;

import java.security.*;

import java.security.cert.*;

import javax.net.ssl.*;

public class InstallCert {

    public static void main(String[] args) throws Exception {

    String host;

    int port;

    char[] passphrase;

    if ((args.length == ) || (args.length == )) {

        String[] c = args[].split(":");

        host = c[];

        port = (c.length == ) ?  : Integer.parseInt(c[]);

        String p = (args.length == ) ? "changeit" : args[];

        passphrase = p.toCharArray();

    } else {

        System.out.println("Usage: java InstallCert <host>[:port] [passphrase]");

        return;

    }

    File file = new File("jssecacerts");

    if (file.isFile() == false) {

        char SEP = File.separatorChar;

        File dir = new File(System.getProperty("java.home") + SEP

            + "lib" + SEP + "security");

        file = new File(dir, "jssecacerts");

        if (file.isFile() == false) {

        file = new File(dir, "cacerts");

        }

    }

    System.out.println("Loading KeyStore " + file + "...");

    InputStream in = new FileInputStream(file);

    KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());

    ks.load(in, passphrase);

    in.close();

    SSLContext context = SSLContext.getInstance("TLS");

    TrustManagerFactory tmf =

        TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());

    tmf.init(ks);

    X509TrustManager defaultTrustManager = (X509TrustManager)tmf.getTrustManagers()[];

    SavingTrustManager tm = new SavingTrustManager(defaultTrustManager);

    context.init(null, new TrustManager[] {tm}, null);

    SSLSocketFactory factory = context.getSocketFactory();

    System.out.println("Opening connection to " + host + ":" + port + "...");

    SSLSocket socket = (SSLSocket)factory.createSocket(host, port);

    socket.setSoTimeout();

    try {

        System.out.println("Starting SSL handshake...");

        socket.startHandshake();

        socket.close();

        System.out.println();

        System.out.println("No errors, certificate is already trusted");

    } catch (SSLException e) {

        System.out.println();

        e.printStackTrace(System.out);

    }

    X509Certificate[] chain = tm.chain;

    if (chain == null) {

        System.out.println("Could not obtain server certificate chain");

        return;

    }

    BufferedReader reader =

        new BufferedReader(new InputStreamReader(System.in));

    System.out.println();

    System.out.println("Server sent " + chain.length + " certificate(s):");

    System.out.println();

    MessageDigest sha1 = MessageDigest.getInstance("SHA1");

    MessageDigest md5 = MessageDigest.getInstance("MD5");

    for (int i = ; i < chain.length; i++) {

        X509Certificate cert = chain[i];

        System.out.println

            (" " + (i + ) + " Subject " + cert.getSubjectDN());

        System.out.println("   Issuer  " + cert.getIssuerDN());

        sha1.update(cert.getEncoded());

        System.out.println("   sha1    " + toHexString(sha1.digest()));

        md5.update(cert.getEncoded());

        System.out.println("   md5     " + toHexString(md5.digest()));

        System.out.println();

    }

    System.out.println("Enter certificate to add to trusted keystore or 'q' to quit: [1]");

    String line = reader.readLine().trim();

    int k;

    try {

        k = (line.length() == ) ?  : Integer.parseInt(line) - ;

    } catch (NumberFormatException e) {

        System.out.println("KeyStore not changed");

        return;

    }

    X509Certificate cert = chain[k];

    String alias = host + "-" + (k + );

    ks.setCertificateEntry(alias, cert);

    OutputStream out = new FileOutputStream("jssecacerts");

    ks.store(out, passphrase);

    out.close();

    System.out.println();

    System.out.println(cert);

    System.out.println();

    System.out.println

        ("Added certificate to keystore 'jssecacerts' using alias '"

        + alias + "'");

    }

    private static final char[] HEXDIGITS = "0123456789abcdef".toCharArray();

    private static String toHexString(byte[] bytes) {

    StringBuilder sb = new StringBuilder(bytes.length * );

    for (int b : bytes) {

        b &= 0xff;

        sb.append(HEXDIGITS[b >> ]);

        sb.append(HEXDIGITS[b & ]);

        sb.append(' ');

    }

    return sb.toString();

    }

    private static class SavingTrustManager implements X509TrustManager {

    private final X509TrustManager tm;

    private X509Certificate[] chain;

    SavingTrustManager(X509TrustManager tm) {

        this.tm = tm;

    }

    public X509Certificate[] getAcceptedIssuers() {

        throw new UnsupportedOperationException();

    }

    public void checkClientTrusted(X509Certificate[] chain, String authType)

        throws CertificateException {

        throw new UnsupportedOperationException();

    }

    public void checkServerTrusted(X509Certificate[] chain, String authType)

        throws CertificateException {

        this.chain = chain;

        tm.checkServerTrusted(chain, authType);

    }

    }

}

编译:javac InstallCert.java 
运行:java InstallCert ecc.fedora.redhat.com

C:\Program Files\Java\jdk1.8.0_74\jre\lib\security

解决 sun.security.validator.ValidatorException: PKIX path building failed的更多相关文章

  1. 抓取https网页时,报错sun.security.validator.ValidatorException: PKIX path building failed 解决办法

    抓取https网页时,报错sun.security.validator.ValidatorException: PKIX path building failed 解决办法 原因是https证书问题, ...

  2. 异常信息:javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed

    上周五遇到一个问题,工程本地编译运行正常,打包本地tomcat运行也正常.部署到测试环境报错: 2017-05-05 09:38:11.645 ERROR [HttpPoolClientsUtil.j ...

  3. Maven:sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

    还是记录使用 maven 时遇到的问题. 一.maven报错 maven package 进行打包时出现了以下报错: Non-resolvable parent POM for com.wpbxin: ...

  4. javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed

    1.使用HttpClient4.3 调用https出现如下错误: javax.net.ssl.SSLHandshakeException: sun.security.validator.Validat ...

  5. javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certificatio

    场景:Java调用PHP接口,代码部署在服务器上后,调用报错,显示PHP服务器那边证书我这边服务器不信任(我猜的). 异常信息: 2019-08-06 14:00:09,102 [http-nio-4 ...

  6. mvn 编译报错mavn sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested targ

    mavn 编译报错: mavn sun.security.validator.ValidatorException: PKIX path building failed: sun.security.p ...

  7. ES访问遇到sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

    cmd命令cd到jre/bin目录下 输入命令keytool -import -alias 别名 -keystore cacerts -file ‪C://certs//elasticsearch// ...

  8. sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

    httpclient-4.5.jar 定时发送http包,忽然有一天报错,http证书变更引起的. 之前的代码 try { CloseableHttpClient httpClient = build ...

  9. javax.net.ssl.sslhandshakeException:sun.security.validator.validatorException:PKIX path buildind failed

    前段时间开发的一个需求,需要通过图片URL获取图片的base64编码,测试的时候使用的是百度图片的url,测试没有问题,但是发布后测试时报如下错: javax.net.ssl.sslhandshake ...

随机推荐

  1. SGU 181 X-Sequence(一题比较水的求模找规律)

    E - X-Sequence Time Limit:500MS     Memory Limit:4096KB     64bit IO Format:%I64d & %I64u Submit ...

  2. android入门 — Activity启动模式

    1.standard模式 standard模式是系统的默认启动方式,每次激活Activity都会创建Activity,并放在任务栈中. 系统不会在乎活动是否已经存在于返回栈中,每次启动都会创建该活动的 ...

  3. huawei oceanstor

      华为产品:OceanStor 6000 V3系列 OceanStor 6800 V3 网页登入设备页面:https+ip+端口 资源分配界面: 首页: wwn为2100xxxxxxxx47e4,设 ...

  4. <问吧>调查问卷心得体会

    <问吧>调查问卷心得与体会 在这之前,我们已经组成了一个六个人的小团队---“走廊奔跑队”,我们这次做的这个项目的名称是:问吧.在项目实施之前,我们必做的一步就是需求分析,目的就是充分了解 ...

  5. HDU3507_Print Article

    这个题目又是一个典型的dp斜率优化的题目.题意是给你n个数,你需要做的是把这个n个数分为连续的若干段,每段的权值为这段数字的和的平方加上M.求最小的总权值. 我们可以根据题意写出朴素版的dp状态转移方 ...

  6. BZOJ 2141 排队(树状数组套主席树)

    解法很多的题,可以块套树状数组,可以线段树套平衡树.我用的是树状数组套主席树. 题意:给出一段数列,m次操作,每次操作是交换两个位置的数,求每次操作后的逆序对数.(n,m<=2e4). 对于没有 ...

  7. Halum UVA - 11478(差分约束 + 二分最小值最大化)

    题意: 给定一个有向图,每条边都有一个权值,每次你可以选择一个结点v和一个整数d,把所有以v为终点的边的权值减小d,把所有以v为起点的边的权值增加d,最后要让所有边权的最小值非负且尽量大 两个特判 1 ...

  8. Django基于正则表达式的URL(1)

    1. 此时,用户只能看到列表,如果用户想查看详细信息,应该再增加程序. 2. 把信息用a标签包起来以后,详细信息就有了可以跳转的功能. . 3. 点击不同的用户名时,获取到不同的信息. 3.1 在ur ...

  9. 【BZOJ4129】Haruna’s Breakfast(树上莫队)

    [BZOJ4129]Haruna's Breakfast(树上莫队) 题面 BZOJ Description Haruna每天都会给提督做早餐! 这天她发现早饭的食材被调皮的 Shimakaze放到了 ...

  10. BZOJ2743:[HEOI2012]采花——题解

    https://www.lydsy.com/JudgeOnline/problem.php?id=2743 萧薰儿是古国的公主,平时的一大爱好是采花. 今天天气晴朗,阳光明媚,公主清晨便去了皇宫中新建 ...