CertPathValidatorException: Trust anchor for certification path not found解决方法

错误log:

javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path   

not found.
    at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:413)
    at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:257)
    at libcore.net.http.HttpConnection.setupSecureSocket(HttpConnection.java:210)
    at libcore.net.http.HttpsURLConnectionImpl$HttpsEngine.makeSslConnection(HttpsURLConnectionImpl.java:477)
    at libcore.net.http.HttpsURLConnectionImpl$HttpsEngine.connect(HttpsURLConnectionImpl.java:432)
    at libcore.net.http.HttpEngine.sendSocketRequest(HttpEngine.java:282)
    at libcore.net.http.HttpEngine.sendRequest(HttpEngine.java:232)
    at libcore.net.http.HttpURLConnectionImpl.connect(HttpURLConnectionImpl.java:80)
    at libcore.net.http.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:164)
    at com.etnet.global.ConnectionTool.post(ConnectionTool.java:462)
    at com.etnet.android.Welcome$3.run(Welcome.java:177)
 Caused by: java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: Trust anchor for   

certification path not found.
    at org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:184)
    at org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.checkServerTrusted(TrustManagerImpl.java:163)
    at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.verifyCertificateChain(OpenSSLSocketImpl.java:593)
    at org.apache.harmony.xnet.provider.jsse.NativeCrypto.SSL_do_handshake(Native Method)
    at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:410)
    ... 10 more

解决方法：忽略证书验证：

public static StringBuffer post(String urlString, String param) {
		StringBuffer sb = new StringBuffer();
		URL url = null;
		HttpURLConnection connection = null;
		DataOutputStream out = null;
		BufferedReader in = null;
		try {
			url = new URL(urlString);

			//关键代码
			//ignore https certificate validation |忽略 https 证书验证
			if (url.getProtocol().toUpperCase().equals("HTTPS")) {
				trustAllHosts();
				HttpsURLConnection https = (HttpsURLConnection) url
						.openConnection();
				https.setHostnameVerifier(HttpIgnoreSSL.DO_NOT_VERIFY);
				connection = https;
			} else {
				connection = (HttpURLConnection) url.openConnection();
			}

			connection.setReadTimeout(10000);
			connection.setDoInput(true);
			connection.setDoOutput(true);
			connection.setRequestMethod("POST");
			connection.setUseCaches(false);
			connection.setInstanceFollowRedirects(true);
			connection.setRequestProperty("Content-Type",
					"application/x-www-form-urlencoded");
			connection.connect();
			out = new DataOutputStream(
					connection.getOutputStream());
			out.writeBytes(param);
			out.flush();

			in = new BufferedReader(new InputStreamReader(
					connection.getInputStream()), 512);
			String line;
			while ((line = in.readLine()) != null) {
				sb.append(line.trim());
			}
		} catch (IOException e) {
			e.printStackTrace();
		} catch (Exception e) {
			e.printStackTrace();
		}finally {
			if (out != null) {
				try {
					out.close();
				} catch (IOException e) {
				}
			}
			if (in != null) {
				try {
					in.close();
				} catch (IOException e) {
				}
			}
			if (connection != null) {
				connection.disconnect();
			}
		}
		return sb;
	}

public static void trustAllHosts() {
		// Create a trust manager that does not validate certificate chains
		// Android use X509 cert
		TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
			public java.security.cert.X509Certificate[] getAcceptedIssuers() {
				return new java.security.cert.X509Certificate[] {};
			}

			public void checkClientTrusted(X509Certificate[] chain,
					String authType) throws CertificateException {
			}

			public void checkServerTrusted(X509Certificate[] chain,
					String authType) throws CertificateException {
			}
		} };

		// Install the all-trusting trust manager
		try {
			SSLContext sc = SSLContext.getInstance("TLS");
			sc.init(null, trustAllCerts, new java.security.SecureRandom());
			HttpsURLConnection
					.setDefaultSSLSocketFactory(sc.getSocketFactory());
		} catch (Exception e) {
			e.printStackTrace();
		}
	}

public final static HostnameVerifier DO_NOT_VERIFY = new HostnameVerifier() {
		public boolean verify(String hostname, SSLSession session) {
			return true;
		}
	};

时间： 2024-10-11 14:52:16

CertPathValidatorException: Trust anchor for certification path not found解决方法的相关文章

andorid HTTPS 不需要证书 VolleyEror: com.android.volley.NoConnectionError: javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not fou

1.加证书(这里不说) 2.修改代码 import java.security.KeyManagementException;import java.security.NoSuchAlgorithmException;import java.security.SecureRandom;import java.security.cert.X509Certificate;import javax.net.ssl.HostnameVerifier;import javax.net.ssl.HttpsU

Linux报“ '/usr/bin' is not included in the PATH environment variable”解决方法

在阿里云的服务器安装nodejs,配置环境变量过程中,出现问题以及解决方法. 1. 以下是node和npm的路径: 2. 设置环境变量 #vi /etc/profile 添加 #set node npm pathNODE_HOME=/home/app/node-v4.0.0-linux-x64/binexport PATH=$NODE_HOME:$PATH 3. 退出后执行 source /etc/profile 此时运行node -v没有问题. 但是问题来了,如果以上:$PATH忘了加或者拼

Access to the path '....' is denied.解决方法

昨天公司项目迁移服务器,从自己服务器迁移到阿里云服务器,部署完成后发现有一个页面要读取磁盘上的静态文件就报错了... 如图: 解决办法: 在 Web.Config 的 <System.Web> 里加 <identity impersonate="true"/> 节点或者给项目文件目录添加ASP.net的写入权限(一般是IUSER_计算机名). Access to the path '....' is denied.解决方法

【fastweixin框架教程3】JAVA进行HTTPS网站访问，PKIX path building failed解决方法

上几篇文章我们谈到fastweixin使用问题和修改. 今天的问题就是使用JAVA访问HTTPS网站时候经常出现javax.net.ssl.SSLHandshakeException javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderEx

解决PKIX(PKIX path building failed) 问题 unable to find valid certification path to requested target

最近在写java的一个服务,需要给远程服务器发送post请求,认证方式为Basic Authentication,在请求过程中出现了 PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target的错误,于是开始搜索并得到解决, 下面总结一下解决过程: 我们要做的就是将

azure iothub create-device-identity样例报错： unable to find valid certification path

https://docs.microsoft.com/zh-cn/azure/iot-hub/iot-hub-java-java-getstarted 在IDEA中执行上述的代码,会出现下面的报错信息: Exception in thread "main" javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.secur

Java调用https服务报错unable to find valid certification path to requested target的解决方法

我们网站要进行https改造,配置上购买的SSL证书后,浏览器访问正常,但是写了个java代码用httpcomponents调用https rest接口时报错: Exception in thread "main" javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath

解决PKIX：unable to find valid certification path to requested target 的问题

问题的根本是: 缺少安全证书时出现的异常. 解决问题方法: 将你要访问的webservice/url....的安全认证证书导入到客户端即可. 以下是获取安全证书的一种方法,通过以下程序获取安全证书: /* * Copyright 2006 Sun Microsystems, Inc. All Rights Reserved. * * Redistribution and use in source and binary forms, with or without * modification,

mvn 编译报错mavn sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested targ

mavn 编译报错: mavn sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target 解决方案: The fact is that your maven plugin try