获取AccessToken时ADAL4J出现问题 [英] Issue with ADAL4J while fetching AccessToken

问题描述

大家好，

我们有一个使用ADAL4J编写的JAVA代码  1.1.3版本我们利用租户，Client_ID，资源，用户名和密码来呼叫Host  = https://login.windows.net。

此代码在服务器上运行正常，过去1年但是自上周以来投掷错误  " MP：异常捕获原因java.util.concurrent.ExecutionException：javax.net.ssl .SSLHandshakeException：
sun.security.validator.ValidatorException：PKIX路径构建失败：sun.security.provider.certpath.SunCertPathBuilderException：无法找到所请求目标的有效证书路径" 。

我的本​​地机器上正在运行相同的程序，我可以获取令牌但是在服务器上它出错了。

似乎我们需要添加一些certficate / root，但是我们已经部署了login.microsoftonline.com证书。

谢谢...

解决方案

错误意味着您的服务器的SSL证书无法验证，无论是因为您的服务器使用的是自签名证书，还是因为您的Java运行时未附带相应的根证书来验证服务器的证书链
（即您需要多个证书进口）。如果您希望信任服务器的证书，则可以将服务器的证书导入Java运行时的证书存储区。您还可能需要将PEM转换为PKC
，并确保已启用"-trustcacerts"。选项。 

> < span style ="font-family：inherit; font-size：13px; font-style：inherit; font-variant：inherit; font-weight：inherit; white-space：inherit; background-color：＃eff0f1; margin：0px ; padding：0px; border：0px; line-height：inherit; vertical-align：baseline; color：＃303336"> keytool
- import
- trustcacerts
- 文件
/ 路径 / ldapserver 。 pem
- 别名
somealias - keystore
/ 安全性 / cacerts

< time datetime =" 2016-09-21T07：39：41" itemprop =" dateCreated" style =" margin：0px; padding：0px; border：0px; font- variant-numeric：inherit; font-variant-east-asian：inherit; line-height：inherit; font-family：Arial，'Helvetica Neue'，Helvetica，
sans-serif; vertical-align：baseline; box -sizing：inherit; color：＃242729;">< / time>

Hi All,

We have one JAVA code written using ADAL4J  1.1.3 version and we make use of Tenant,Client_ID,Resource,username and password to call Host  = https://login.windows.net.

This code was running fine on Server for past 1 year but since last few weeks throwing error  "MP: exception caught with cause java.util.concurrent.ExecutionException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target" .

Same program is running on my local machine and I am able to fetch Token But on server it is giving error.

Seems we need to add some certficate/root but which one as we already have login.microsoftonline.com certificate deployed.

Thanks...

解决方案

The error means that your server's SSL certificate cannot be verified, either because your server is using a self-signed certificate, or because your Java runtime did not ship with the appropriate root certificates to validate the server's certificate chain (i.e. there is more than one certificate that you need to import). If you wish to trust the certificate of the server you can import the server's certificate into your Java runtime's certificate store. It is also possible that you need to convert PEM to PKCs and ensure that you have enabled the "-trustcacerts" option. 

>keytool -import -trustcacerts -file /path/ldapserver.pem -alias somealias -keystore /security/cacerts

<time datetime="2016-09-21T07:39:41" itemprop="dateCreated" style="margin:0px;padding:0px;border:0px;font-variant-numeric:inherit;font-variant-east-asian:inherit;line-height:inherit;font-family:Arial, 'Helvetica Neue', Helvetica, sans-serif;vertical-align:baseline;box-sizing:inherit;color:#242729;"></time>

这篇关于获取AccessToken时ADAL4J出现问题的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！