Tomcat SSL:无法找到请求目标的有效证书路径 [英] Tomcat SSL: unable to find valid certification path to requested target

问题描述

我正在尝试访问应用程序中的URL，但出现此错误.

I'm trying to access an url in my application, but I'm getting this error.

1771426 [http-bio-8180-exec-15] ERROR gadget.GadgetValidatorServlet  - wsdl.exception.WSInvokerException: wsdl.exception.WSInvokerException: javax.xml.ws.soap.SOAPFaultException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
1771426 [http-bio-8180-exec-15] ERROR gadget.GadgetPortalValidatorServlet  - gadget.exception.GadgetValidatorException: wsdl.exception.WSInvokerException: wsdl.exception.WSInvokerException: javax.xml.ws.soap.SOAPFaultException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

我尝试应用所有这些修复程序，但均未成功: http://www.mkyong.com/webservices/jax-ws/suncertpathbuilderexception-unable-to-find-valid-certification-path-to-requested-target/

I've tried to apply all of those fixes but with no success: http://www.mkyong.com/webservices/jax-ws/suncertpathbuilderexception-unable-to-find-valid-certification-path-to-requested-target/

不久，它需要运行InstallCert应用程序(java InstallCert my.domain.com)并生成文件jssecacerts.之后，我复制了此文件并将其粘贴到/opt/java/jdk1.7.0_45/jre/lib/security/jssecacerts

Shortly it needs to run InstallCert app (java InstallCert my.domain.com) and generate the file jssecacerts. After that I've copied and paste this file into /opt/java/jdk1.7.0_45/jre/lib/security/jssecacerts

我还将我的证书(与SSL URL(httpd)中使用的证书相同)导入到tomcat使用的密钥库中.

I've also import my cert, the same used in my ssl url (httpd) into my keystore used by tomcat.

即使在那之后，我仍然收到此错误.

Even after that I still getting this error.

有什么想法吗?

推荐答案

我过去可以通过在运行时设置 javax.net.ssl.trustStore 系统属性来解决此问题指向 jssecacerts 文件.只把它放在正确的"地方对我来说是行不通的.我必须明确设置位置.无论如何，这是更可移植的，因此，如果您的应用程序需要四处移动，我通常建议您这样做.

I've been able to fix this problem in the past by setting the javax.net.ssl.trustStore system property at runtime to point to the jssecacerts file. Just putting it in the "right" place never worked for me; I had to set the location explicitly. This is more portable anyway, so I recommend it in general if your app ever needs to move around.

System.setProperty("javax.net.ssl.trustStore", "/path/to/jssecacerts");

这篇关于Tomcat SSL:无法找到请求目标的有效证书路径的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！