Azure堆栈ADFS - 无法获取访问令牌 - PKIX错误 [英] Azure Stack ADFS - Unable to obtain Access Token - PKIX error

查看:70
本文介绍了Azure堆栈ADFS - 无法获取访问令牌 - PKIX错误的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

< style type =" text / css"> p.p1 {margin:0.0px 0.0px 12.0px 0.0px;行高:15.0px;字体:12.0px Verdana;颜色:#000000; -webkit-text-stroke:#000000} span.s1 {font-kerning:none}< / style>

您好,

<style type="text/css">p.p1 {margin: 0.0px 0.0px 12.0px 0.0px; line-height: 15.0px; font: 12.0px Verdana; color: #000000; -webkit-text-stroke: #000000} span.s1 {font-kerning: none} </style>

Hi,

在Azure Stack ADFS环境中,我创建了一个服务主体,以便从我的webapp使用Azure Stack Rest API。 

使用oauth2我从adfs / oauth2 / authorize端点获取了代码。我正在尝试使用此代码通过adfs / oauth2 / token端点获取访问令牌。问题是我收到证书错误,即使我将adfs.local.azurestack.external
的证书添加到我的Java密钥库。 



我修改了堆栈跟踪,因为它被标记为垃圾邮件。

引起:org.springframework.web.client .ResourceAccessException:POST请求中的I / O错误"... adfs.local.azurestack.external / adfs / oauth2 / token":sun.security.validator.ValidatorException:PKIX路径构建失败:sun.security.provider.certpath.SunCertPathBuilderException :
无法找到所请求目标的有效证书路径;嵌套异常是javax.net.ssl.SSLHandshakeException:sun.security.validator.ValidatorException:PKIX路径构建失败:sun.security.provider.certpath.SunCertPathBuilderException:无法
找到所请求目标的有效证书路径

  &NBSP; &NBSP; &NBSP;在org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:674)

  &NBSP; &NBSP; &NBSP;在org.springframework.web.client.RestTemplate.execute(RestTemplate.java:629)

  &NBSP; &NBSP; &NBSP;在org.springframework.security.oauth2.client.token.OAuth2AccessTokenSupport.retrieveToken(OAuth2AccessTokenSupport.java:137)

  &NBSP; &NBSP; &NBSP; ...省略了83个常见帧

引起:javax.net.ssl.SSLHandshakeException:sun.security.validator.ValidatorException:PKIX路径构建失败:sun.security.provider.certpath.SunCertPathBuilderException:无法找到所需目标的有效证明路径

  &NBSP; &NBSP; &NBSP; at sun.security.ssl.Alerts.getSSLException(Unknown Source)

  &NBSP; &NBSP; &NBSP; at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)

  &NBSP; &NBSP; &NBSP; at sun.security.ssl.Handshaker.fatalSE(Unknown Source)

  &NBSP; &NBSP; &NBSP; at sun.security.ssl.Handshaker.fatalSE(Unknown Source)

  &NBSP; &NBSP; &NBSP; at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)

  &NBSP; &NBSP; &NBSP; at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)

  &NBSP; &NBSP; &NBSP; at sun.security.ssl.Handshaker.processLoop(Unknown Source)

  &NBSP; &NBSP; &NBSP; at sun.security.ssl.Handshaker.process_record(Unknown Source)

  &NBSP; &NBSP; &NBSP; at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)

  &NBSP; &NBSP; &NBSP; at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)

  &NBSP; &NBSP; &NBSP; at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)

  &NBSP; &NBSP; &NBSP; at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)

  &NBSP; &NBSP; &NBSP; at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)

  &NBSP; &NBSP; &NBSP;在sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(未知来源)

  &NBSP; &NBSP; &NBSP;在sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(未知来源)

  &NBSP; &NBSP; &NBSP;在org.springframework.http.client.SimpleBufferingClientHttpRequest.executeInternal(SimpleBufferingClientHttpRequest.java:78)

  &NBSP; &NBSP; &NBSP;在org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48)

  &NBSP; &NBSP; &NBSP;在org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:53)

  &NBSP; &NBSP; &NBSP;在org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:660)

  &NBSP; &NBSP; &NBSP; ...省略了85个常见帧

引起:sun.security.validator.ValidatorException:PKIX路径构建失败:sun.security.provider.certpath.SunCertPathBuilderException:无法找到请求目标的有效证书路径

  &NBSP; &NBSP; &NBSP; at sun.security.validator.PKIXValidator.doBuild(Unknown Source)

  &NBSP; &NBSP; &NBSP; at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)

  &NBSP; &NBSP; &NBSP; at sun.security.validator.Validator.validate(Unknown Source)

  &NBSP; &NBSP; &NBSP; at sun.security.ssl.X509TrustManagerImpl.validate(Unknown Source)

  &NBSP; &NBSP; &NBSP; at sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source)

  &NBSP; &NBSP; &NBSP; at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)

  &NBSP; &NBSP; &NBSP; ...省略了100个常见帧

引起:sun.security.provider.certpath.SunCertPathBuilderException:无法找到所请求目标的有效证书路径

  &NBSP; &NBSP; &NBSP; at sun.security.provider.certpath.SunCertPathBuilder.build(Unknown Source)

  &NBSP; &NBSP; &NBSP; at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)

  &NBSP; &NBSP; &NBSP; at java.security.cert.CertPathBuilder.build(Unknown Source)

  &NBSP; &NBSP; &NBSP; ...省略106个常见框架



任何指针都将不胜感激!

谢谢,

V

推荐答案

你好,

问题:

Questions:

您是在ASDK还是ASIS上部署? ? 

什么版本的Azure Stack?

什么版本的App Services?

注意:
 Java e xception:" 无法找到所请求目标的有效证书路径 t "如果您使用的是自签名证书或由内部证书颁发机构颁发的证书,或者您的客户端(例如浏览器,Java)已过时,则可能发生

Note: The Java exception: "unable to find valid certification path to requested target" can happen if you are using Self-Signed certificate or a certificate that is issued by an internal Certificate Authority or if your clients (e.g. browser, java) are outdated).

 

由于信任是通过拥有root和
中间 证书来处理的您在受信任的密钥库上的SSL证书。

***你可以尝试解决这个问题
 将自签名证书导入受信任的根颁发机构和中级根颁发机构密钥库。

*** You can try working around this issue by importing your self-signed certificate to your Trusted Root Authority and Intermediate Root Authority key stores.

  

让我们知道它是怎么回事。

Let us know how it goes.

 

 

感谢您对Azure Stack的时间和兴趣。

如果您遇到Azure Stack或当前ASDK版本的任何问题,请随时与我们联系。

    
           

             

  谢谢

 Thanks


这篇关于Azure堆栈ADFS - 无法获取访问令牌 - PKIX错误的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
其他开发语言最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆