Error :

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Resolve method :

 import java.io.BufferedReader;

 import java.io.File;

 import java.io.FileInputStream;

 import java.io.FileOutputStream;

 import java.io.InputStream;

 import java.io.InputStreamReader;

 import java.io.OutputStream;

 import java.security.KeyStore;

 import java.security.MessageDigest;

 import java.security.cert.CertificateException;

 import java.security.cert.X509Certificate;

 import javax.net.ssl.SSLContext;

 import javax.net.ssl.SSLException;

 import javax.net.ssl.SSLSocket;

 import javax.net.ssl.SSLSocketFactory;

 import javax.net.ssl.TrustManager;

 import javax.net.ssl.TrustManagerFactory;

 import javax.net.ssl.X509TrustManager;

 public class InstallCert {

     public static void main(String[] args) throws Exception {

         args[0]="www.google.com";

         String host;

         int port;

         char[] passphrase;

         //System.setProperty("javax.net.ssl.trustStore", "C:\\Users\\PL62716\\workspace\\urlAutoConnect\\jssecacerts");

         if ((args.length == 1) || (args.length == 2)) {

             String[] c = args[0].split(":");

             host = c[0];

             port = (c.length == 1) ? 443 : Integer.parseInt(c[1]);

             String p = (args.length == 1) ? "changeit" : args[1];

             passphrase = p.toCharArray();

         } else {

             System.out

                     .println("Usage: java InstallCert <host>[:port] [passphrase]");

             return;

         }

         File file = new File("jssecacerts");

         if (file.isFile() == false) {

             char SEP = File.separatorChar;

             File dir = new File(System.getProperty("java.home") + SEP + "lib"

                     + SEP + "security");

             file = new File(dir, "jssecacerts");

             if (file.isFile() == false) {

                 file = new File(dir, "cacerts");

             }

         }

         System.out.println("Loading KeyStore " + file + "...");

         InputStream in = new FileInputStream(file);

         KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());

         ks.load(in, passphrase);

         in.close();

         SSLContext context = SSLContext.getInstance("TLS");

         TrustManagerFactory tmf = TrustManagerFactory

                 .getInstance(TrustManagerFactory.getDefaultAlgorithm());

         tmf.init(ks);

         X509TrustManager defaultTrustManager = (X509TrustManager) tmf

                 .getTrustManagers()[0];

         SavingTrustManager tm = new SavingTrustManager(defaultTrustManager);

         context.init(null, new TrustManager[] { tm }, null);

         SSLSocketFactory factory = context.getSocketFactory();

         System.out

                 .println("Opening connection to " + host + ":" + port + "...");

         SSLSocket socket = (SSLSocket) factory.createSocket(host, port);

         socket.setSoTimeout(10000);

         try {

             System.out.println("Starting SSL handshake...");

             socket.startHandshake();

             socket.close();

             System.out.println();

             System.out.println("No errors, certificate is already trusted");

         } catch (SSLException e) {

             System.out.println();

             e.printStackTrace(System.out);

         }

         X509Certificate[] chain = tm.chain;

         if (chain == null) {

             System.out.println("Could not obtain server certificate chain");

             return;

         }

         BufferedReader reader = new BufferedReader(new InputStreamReader(

                 System.in));

         System.out.println();

         System.out.println("Server sent " + chain.length + " certificate(s):");

         System.out.println();

         MessageDigest sha1 = MessageDigest.getInstance("SHA1");

         MessageDigest md5 = MessageDigest.getInstance("MD5");

         for (int i = 0; i < chain.length; i++) {

             X509Certificate cert = chain[i];

             System.out.println(" " + (i + 1) + " Subject "

                     + cert.getSubjectDN());

             System.out.println("   Issuer  " + cert.getIssuerDN());

             sha1.update(cert.getEncoded());

             System.out.println("   sha1    " + toHexString(sha1.digest()));

             md5.update(cert.getEncoded());

             System.out.println("   md5     " + toHexString(md5.digest()));

             System.out.println();

         }

         System.out

                 .println("Enter certificate to add to trusted keystore or 'q' to quit: [1]");

         String line = reader.readLine().trim();

         int k;

         try {

             k = (line.length() == 0) ? 0 : Integer.parseInt(line) - 1;

         } catch (NumberFormatException e) {

             System.out.println("KeyStore not changed");

             return;

         }

         X509Certificate cert = chain[k];

         String alias = host + "-" + (k + 1);

         ks.setCertificateEntry(alias, cert);

         OutputStream out = new FileOutputStream("jssecacerts");

         ks.store(out, passphrase);

         out.close();

         System.out.println();

         System.out.println(cert);

         System.out.println();

         System.out

                 .println("Added certificate to keystore 'jssecacerts' using alias '"

                         + alias + "'");

     }

     private static final char[] HEXDIGITS = "0123456789abcdef".toCharArray();

     private static String toHexString(byte[] bytes) {

         StringBuilder sb = new StringBuilder(bytes.length * 3);

         for (int b : bytes) {

             b &= 0xff;

             sb.append(HEXDIGITS[b >> 4]);

             sb.append(HEXDIGITS[b & 15]);

             sb.append(' ');

         }

         return sb.toString();

     }

     private static class SavingTrustManager implements X509TrustManager {

         private final X509TrustManager tm;

         private X509Certificate[] chain;

         SavingTrustManager(X509TrustManager tm) {

             this.tm = tm;

         }

         public X509Certificate[] getAcceptedIssuers() {

             throw new UnsupportedOperationException();

         }

         public void checkClientTrusted(X509Certificate[] chain, String authType)

                 throws CertificateException {

             throw new UnsupportedOperationException();

         }

         public void checkServerTrusted(X509Certificate[] chain, String authType)

                 throws CertificateException {

             this.chain = chain;

             tm.checkServerTrusted(chain, authType);

         }

     }

 }
java InstallCert www.twitter.com

Loading KeyStore /usr/java/jdk1.6.0_16/jre/lib/security/cacerts...

Opening connection to www.twitter.com:443...

Starting SSL handshake...  

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

    at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150)

    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1476)

    at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:174)

    at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:168)

    at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:846)

    at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:106)

    at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:495)

    at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:433)

    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:815)

    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1025)

    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1038)

    at InstallCert.main(InstallCert.java:63)

Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

    at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:221)

    at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:145)

    at sun.security.validator.Validator.validate(Validator.java:203)

    at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:172)

    at InstallCert$SavingTrustManager.checkServerTrusted(InstallCert.java:158)

    at com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(SSLContextImpl.java:320)

    at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:839)

    ... 7 more

Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

    at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:236)

    at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:194)

    at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:216)

    ... 13 more  

Server sent 2 certificate(s):  

 1 Subject CN=www.twitter.com, O=example.com, C=US

   Issuer  CN=Certificate Shack, O=example.com, C=US

   sha1    2e 7f 76 9b 52 91 09 2e 5d 8f 6b 61 39 2d 5e 06 e4 d8 e9 c7

   md5     dd d1 a8 03 d7 6c 4b 11 a7 3d 74 28 89 d0 67 54   

 2 Subject CN=Certificate Shack, O=example.com, C=US

   Issuer  CN=Certificate Shack, O=example.com, C=US

   sha1    fb 58 a7 03 c4 4e 3b 0e e3 2c 40 2f 87 64 13 4d df e1 a1 a6

   md5     72 a0 95 43 7e 41 88 18 ae 2f 6d 98 01 2c 89 68   

Enter certificate to add to trusted keystore or 'q' to quit: [1]

run application result

(1) Input 1, Enter, will generate Security certificate named "jssecacerts"

(2) Copy this file "jssecacerts" to directory "$JAVA_HOME/jre/lib/security"  or use the following way: System.setProperty("javax.net.ssl.trustStore", "你的jssecacerts证书路径");

(3) Restart the web  server, the certificate will take effect.

unable to find valid certification path to requested target的更多相关文章

  1. 解决PKIX:unable to find valid certification path to requested target 的问题

    这两天在twitter服务器上忽然遇到这样的异常: e: sun.security.validator.ValidatorException: PKIX path building failed: s ...

  2. 解决 java 使用ssl过程中出现"PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target"

    今天,封装HttpClient使用ssl时报一下错误: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorExc ...

  3. 解决PKIX(PKIX path building failed) 问题 unable to find valid certification path to requested target

    最近在写java的一个服务,需要给远程服务器发送post请求,认证方式为Basic Authentication,在请求过程中出现了 PKIX path building failed: sun.se ...

  4. Pop3_解决PKIX:unable to find valid certification path to requested target 的问题

    最近有公司pop3协议接收pp邮箱出现异常,连不上服务器,错误内容: e: sun.security.validator.ValidatorException: PKIX path building ...

  5. https编程遇到PKIX:unable to find valid certification path to requested target 的问题

    https编程遇到PKIX:unable to find valid certification path to requested target 的问题 2016-12-01 解决方案见:解决PKI ...

  6. PKIX:unable to find valid certification path to requested target

    1.Communications link failure,The last packet successfully received from the server was * **millisec ...

  7. 解决flutter:unable to find valid certification path to requested target 的问题

    1.问题 周末在家想搞搞flutter,家里电脑是windows的,按照官网教程一步步安装好以后,创建flutter工程,点击运行,一片红色弹出来,WTF? PKIX path building fa ...

  8. 工作日志,证书无效 unable to find valid certification path to requested target

    工作日志,证书无效 unable to find valid certification path to requested target 最近被这个问题弄得头大.导致所有用到 se.transmod ...

  9. java程序中访问https时,报 PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

    在java中使用https访问数据时报异常: Caused by: sun.security.validator.ValidatorException: PKIX path building fail ...

随机推荐

  1. iOS开发 - 不进入待机(屏幕保持唤醒)---UIApplication学习

    iOS开发 - 不进入待机(屏幕保持唤醒)---UIApplication学习 如果你不希望应用运行时 iPhone 进入锁屏待机状态,加入下面这行代码即可 [[UIApplication share ...

  2. R语言教程规划

    本文发表在博客园, http://www.cnblogs.com/stackworm/ 尽管进展中出现了意想不到的事情,期间中断1个多月,但我仍然会坚持下去. 首先,这份教程适合所有对R语言有兴趣且希 ...

  3. bzoj1149

    题目:http://www.lydsy.com/JudgeOnline/problem.php?id=1149 水题..... 直接BFS. #include<cstdio> #inclu ...

  4. Delphi 调用系统中的计算器、记事本、画图软件方法

    1.直接调用    前面uses加 ShellAPI ShellExecute(Handle, 'open', PChar('calc.exe'), nil, nil, SW_SHOW); 2.直接调 ...

  5. 哲学家用餐问题的几个解法(c语言实现)

    参考资料: 1.维基百科:哲学家用餐问题 2.Windows的多线程编程

  6. 股票市场问题(The Stock Market Problem)

    Question: Let us suppose we have an array whose ith element gives the price of a share on the day i. ...

  7. MyBatis映射文件的resultMap如何做表关联

    MyBatis的核心是其映射文件,SqlMap文件,里面配置了项目中用到了什么SQL语句,和数据库相关的逻辑都在这个映射文件里.顾名思义,映射文件就是对Java对象和SQL的映射.这里简单介绍一下映射 ...

  8. 专题笔记--Java 类集框架

    Java 类集框架 1. Java类集框架产生的原因 在基础的应用中,我们可以通过数组来保存一组对象或者基本数据,但数组的大小是不可更改的,因此出于灵活性的考虑和对空间价值的担忧,我们可以使用链表来实 ...

  9. mysql语句添加索引

    1.PRIMARY  KEY(主键索引)        mysql>ALTER  TABLE  `table_name`  ADD  PRIMARY  KEY (  `column`  ) 2. ...

  10. android推送-PHP(第三方推送:个推)

    在项目初期,就安卓推送功能怎么做,曾经参考过例如XMPP之类的推送方法.但苦于那些是些英文档案,又没太多时间研究,所以打算采用第三方推送(个推,极光推送等),后来在美图技术老大推荐下用采用个推. PS ...