精华内容
下载资源
问答
  • .provider
    万次阅读 热门讨论
    2019-08-27 16:56:31

    公司里换了个交换机,然后Unirest发送的HTTPS请求就失效了,报错:sun.security.provider.certpath.SunCertPathBuilderException

    弄了接近一下午,终于找到了好用的解决方法:

     

    解决方法:

    1、运行如下java文件(InstallCert.java),生成 jssecacerts 文件。 
    2、然后将生成的 jssecacerts 文件,拷贝到jdk中,目录位置:%JAVA_HOME%\jre\lib\security 
    (例如D:\Program Files\Java\jdk1.8.0_131\jre\lib\security)

    /* 
     * Copyright 2006 Sun Microsystems, Inc.  All Rights Reserved. 
     * 
     * Redistribution and use in source and binary forms, with or without 
     * modification, are permitted provided that the following conditions 
     * are met: 
     * 
     *   - Redistributions of source code must retain the above copyright 
     *     notice, this list of conditions and the following disclaimer. 
     * 
     *   - Redistributions in binary form must reproduce the above copyright 
     *     notice, this list of conditions and the following disclaimer in the 
     *     documentation and/or other materials provided with the distribution. 
     * 
     *   - Neither the name of Sun Microsystems nor the names of its 
     *     contributors may be used to endorse or promote products derived 
     *     from this software without specific prior written permission. 
     * 
     * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS 
     * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, 
     * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 
     * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT OWNER OR 
     * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, 
     * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 
     * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 
     * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 
     * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 
     * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 
     * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
     */  
      
    import java.io.BufferedReader;  
    import java.io.File;  
    import java.io.FileInputStream;  
    import java.io.FileOutputStream;  
    import java.io.InputStream;  
    import java.io.InputStreamReader;  
    import java.io.OutputStream;  
    import java.security.KeyStore;  
    import java.security.MessageDigest;  
    import java.security.cert.CertificateException;  
    import java.security.cert.X509Certificate;  
      
    import javax.net.ssl.SSLContext;  
    import javax.net.ssl.SSLException;  
    import javax.net.ssl.SSLSocket;  
    import javax.net.ssl.SSLSocketFactory;  
    import javax.net.ssl.TrustManager;  
    import javax.net.ssl.TrustManagerFactory;  
    import javax.net.ssl.X509TrustManager;  
      
    public class InstallCert {  
      
        public static void main(String[] args) throws Exception {  
            String host;  
            int port;  
            char[] passphrase;  
            if ((args.length == 1) || (args.length == 2)) {  
                String[] c = args[0].split(":");  
                host = c[0];  
                port = (c.length == 1) ? 443 : Integer.parseInt(c[1]);  
                String p = (args.length == 1) ? "changeit" : args[1];  
                passphrase = p.toCharArray();  
            } else {  
                System.out  
                        .println("Usage: java InstallCert <host>[:port] [passphrase]");  
                return;  
            }  
      
            File file = new File("jssecacerts");  
            if (file.isFile() == false) {  
                char SEP = File.separatorChar;  
                File dir = new File(System.getProperty("java.home") + SEP + "lib"  
                        + SEP + "security");  
                file = new File(dir, "jssecacerts");  
                if (file.isFile() == false) {  
                    file = new File(dir, "cacerts");  
                }  
            }  
            System.out.println("Loading KeyStore " + file + "...");  
            InputStream in = new FileInputStream(file);  
            KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());  
            ks.load(in, passphrase);  
            in.close();  
      
            SSLContext context = SSLContext.getInstance("TLS");  
            TrustManagerFactory tmf = TrustManagerFactory  
                    .getInstance(TrustManagerFactory.getDefaultAlgorithm());  
            tmf.init(ks);  
            X509TrustManager defaultTrustManager = (X509TrustManager) tmf  
                    .getTrustManagers()[0];  
            SavingTrustManager tm = new SavingTrustManager(defaultTrustManager);  
            context.init(null, new TrustManager[] { tm }, null);  
            SSLSocketFactory factory = context.getSocketFactory();  
      
            System.out  
                    .println("Opening connection to " + host + ":" + port + "...");  
            SSLSocket socket = (SSLSocket) factory.createSocket(host, port);  
            socket.setSoTimeout(10000);  
            try {  
                System.out.println("Starting SSL handshake...");  
                socket.startHandshake();  
                socket.close();  
                System.out.println();  
                System.out.println("No errors, certificate is already trusted");  
            } catch (SSLException e) {  
                System.out.println();  
                e.printStackTrace(System.out);  
            }  
      
            X509Certificate[] chain = tm.chain;  
            if (chain == null) {  
                System.out.println("Could not obtain server certificate chain");  
                return;  
            }  
      
            BufferedReader reader = new BufferedReader(new InputStreamReader(  
                    System.in));  
      
            System.out.println();  
            System.out.println("Server sent " + chain.length + " certificate(s):");  
            System.out.println();  
            MessageDigest sha1 = MessageDigest.getInstance("SHA1");  
            MessageDigest md5 = MessageDigest.getInstance("MD5");  
            for (int i = 0; i < chain.length; i++) {  
                X509Certificate cert = chain[i];  
                System.out.println(" " + (i + 1) + " Subject "  
                        + cert.getSubjectDN());  
                System.out.println("   Issuer  " + cert.getIssuerDN());  
                sha1.update(cert.getEncoded());  
                System.out.println("   sha1    " + toHexString(sha1.digest()));  
                md5.update(cert.getEncoded());  
                System.out.println("   md5     " + toHexString(md5.digest()));  
                System.out.println();  
            }  
      
            System.out  
                    .println("Enter certificate to add to trusted keystore or 'q' to quit: [1]");  
            String line = reader.readLine().trim();  
            int k;  
            try {  
                k = (line.length() == 0) ? 0 : Integer.parseInt(line) - 1;  
            } catch (NumberFormatException e) {  
                System.out.println("KeyStore not changed");  
                return;  
            }  
      
            X509Certificate cert = chain[k];  
            String alias = host + "-" + (k + 1);  
            ks.setCertificateEntry(alias, cert);  
      
            OutputStream out = new FileOutputStream("jssecacerts");  
            ks.store(out, passphrase);  
            out.close();  
      
            System.out.println();  
            System.out.println(cert);  
            System.out.println();  
            System.out  
                    .println("Added certificate to keystore 'jssecacerts' using alias '"  
                            + alias + "'");  
        }  
      
        private static final char[] HEXDIGITS = "0123456789abcdef".toCharArray();  
      
        private static String toHexString(byte[] bytes) {  
            StringBuilder sb = new StringBuilder(bytes.length * 3);  
            for (int b : bytes) {  
                b &= 0xff;  
                sb.append(HEXDIGITS[b >> 4]);  
                sb.append(HEXDIGITS[b & 15]);  
                sb.append(' ');  
            }  
            return sb.toString();  
        }  
      
        private static class SavingTrustManager implements X509TrustManager {  
      
            private final X509TrustManager tm;  
            private X509Certificate[] chain;  
      
            SavingTrustManager(X509TrustManager tm) {  
                this.tm = tm;  
            }  
      
            public X509Certificate[] getAcceptedIssuers() {  
                throw new UnsupportedOperationException();  
            }  
      
            public void checkClientTrusted(X509Certificate[] chain, String authType)  
                    throws CertificateException {  
                throw new UnsupportedOperationException();  
            }  
      
            public void checkServerTrusted(X509Certificate[] chain, String authType)  
                    throws CertificateException {  
                this.chain = chain;  
                tm.checkServerTrusted(chain, authType);  
            }  
        }  
      
    }  

    编译InstallCert.java,然后执行:java InstallCert hostname,比如:
    java InstallCert www.twitter.com
    会看到如下信息:

    java InstallCert www.twitter.com  
    Loading KeyStore /usr/java/jdk1.6.0_16/jre/lib/security/cacerts...  
    Opening connection to www.twitter.com:443...  
    Starting SSL handshake...  
      
    javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target  
        at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150)  
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1476)  
        at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:174)  
        at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:168)  
        at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:846)  
        at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:106)  
        at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:495)  
        at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:433)  
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:815)  
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1025)  
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1038)  
        at InstallCert.main(InstallCert.java:63)  
    Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target  
        at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:221)  
        at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:145)  
        at sun.security.validator.Validator.validate(Validator.java:203)  
        at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:172)  
        at InstallCert$SavingTrustManager.checkServerTrusted(InstallCert.java:158)  
        at com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(SSLContextImpl.java:320)  
        at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:839)  
        ... 7 more  
    Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target  
        at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:236)  
        at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:194)  
        at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:216)  
        ... 13 more  
      
    Server sent 2 certificate(s):  
      
     1 Subject CN=www.twitter.com, O=example.com, C=US  
       Issuer  CN=Certificate Shack, O=example.com, C=US  
       sha1    2e 7f 76 9b 52 91 09 2e 5d 8f 6b 61 39 2d 5e 06 e4 d8 e9 c7   
       md5     dd d1 a8 03 d7 6c 4b 11 a7 3d 74 28 89 d0 67 54   
      
     2 Subject CN=Certificate Shack, O=example.com, C=US  
       Issuer  CN=Certificate Shack, O=example.com, C=US  
       sha1    fb 58 a7 03 c4 4e 3b 0e e3 2c 40 2f 87 64 13 4d df e1 a1 a6   
       md5     72 a0 95 43 7e 41 88 18 ae 2f 6d 98 01 2c 89 68   
      
    Enter certificate to add to trusted keystore or 'q' to quit: [1]  

    输入1,回车,然后会在当前的目录下产生一个名为“ssecacerts”的证书。

     

    将证书拷贝到$JAVA_HOME/jre/lib/security目录下,或者通过以下方式:
    System.setProperty("javax.Net.ssl.trustStore", "你的jssecacerts证书路径");

     


    注意:因为是静态加载,所以要重新启动你的Web Server,证书才能生效。

     

    更多相关内容
  • sun.security.provider不存在
  • Java加密解密字符串找不到 com.sun.crypto.provider.SunJCE() 用到jar包,将包放入lib目录,build path引入,即可
  • new com.sun.crypto.provider.SunJCE()找不到,需要导入jar包,而这个jar包在高版本的jdk里面已经找不到了,只有jdk1.6_13里面才有。提供出来。
  • Java加密解密字符串找不到 com.sun.crypto.provider.SunJCE() 用到jar包
  • javax.inject.Provider

    热门讨论 2011-10-20 19:03:27
    Spring 依赖的 javax.inject.Provider
  • sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target ...

    java程序在访问https资源时,出现报错

    sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

    下面给出解决方案(忽略证书信任)

    
        private static final String FILE_TO = "d:\\download\\test.pdf";
    
        @Test
        void testHttpsUrl() throws IOException {
            String url = "https://luomo-oss.oss-cn-beijing.aliyuncs.com/Druid%20%E4%BD%BF%E7%94%A8%E6%89%8B%E5%86%8C.pdf";
            InputStream inputStream = null;
            try{
                URL encodedUrl = new URL(url);
                if("https".equals(encodedUrl.getProtocol())){
                    SslUtil.ignoreSsl();
                }
                inputStream = encodedUrl.openConnection().getInputStream();
            }catch (Exception e){
                e.printStackTrace();
            }
            File file = new File(FILE_TO);
            try (FileOutputStream outputStream = new FileOutputStream(file)) {
                int read;
                byte[] bytes = new byte[1024];
                while ((read = inputStream.read(bytes)) != -1) {
                    outputStream.write(bytes, 0, read);
                }
            }
        }
    

    SslUtil

    import javax.net.ssl.*;
    import java.security.cert.CertificateException;
    import java.security.cert.X509Certificate;
    
    public class SslUtil {
    
        private static void trustAllHttpsCertificates() throws Exception {
            TrustManager[] trustAllCerts = new TrustManager[1];
            TrustManager tm = new miTM();
            trustAllCerts[0] = tm;
            SSLContext sc = SSLContext.getInstance("SSL");
            sc.init(null, trustAllCerts, null);
            HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
        }
    
        static class miTM implements TrustManager, X509TrustManager {
    
            @Override
            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }
    
            public boolean isServerTrusted(X509Certificate[] certs) {
                return true;
            }
    
            public boolean isClientTrusted(X509Certificate[] certs) {
                return true;
            }
    
            @Override
            public void checkServerTrusted(X509Certificate[] certs, String authType) {
                return;
            }
    
            @Override
            public void checkClientTrusted(X509Certificate[] certs, String authType)
                    throws CertificateException {
                return;
            }
        }
    
        /**
         * 忽略HTTPS请求的SSL证书,必须在openConnection之前调用
         */
        public static void ignoreSsl() throws Exception{
            HostnameVerifier hv = (urlHostName, session) -> true;
            trustAllHttpsCertificates();
            HttpsURLConnection.setDefaultHostnameVerifier(hv);
        }
    }
    
    
    展开全文
  • 解决mvn package遇到sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target报错问题 在虚拟环境,使用mvn package打包的时候,遇到了一下报错...

    解决mvn package遇到sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target报错问题
    在虚拟环境,使用mvn package打包的时候,遇到了一下报错:

    sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target and 'parent.relativePath' points at wrong local POM
    

    看到是证书验证报错,尝试忽略掉证书验证打包mvn -Dmaven.wagon.http.ssl.insecure=true package,可行,打包成功。

    在这里插入图片描述
    再向File - settings中的maven - Runner中添加这句话:

    -Dmaven.wagon.http.ssl.insecure=true -Dmaven.wagon.http.ssl.allowall=true -Dmaven.wagon.http.ssl.ignore.validity.dates=true -DarchetypeCatalog=internal
    

    在这里插入图片描述

    展开全文
  • sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target 我试了...
  • 因为加入了jdk的第三方安全库,需要额外配置 1.下载bcprov-jdkxx-xxx.jar ...security.provider.x=org.bouncycastle.jce.provider.BouncyCastleProvider 如果还没有生效,而本地又有JAR包,maven刷一遍..

    因为加入了jdk的第三方安全库,需要额外配置

    1.下载bcprov-jdkxx-xxx.jar

    2.将bcprov-jdkxx-xxx.jar放入$JAVA_HOME/jre/lib/ext下

    3.打开$JAVA_HOME/jre/lib/security下的java.security文件,在末尾加上

    security.provider.x=org.bouncycastle.jce.provider.BouncyCastleProvider

    如果还没有生效,而本地又有JAR包,maven刷一遍还不管用的话,idea---file----

    添加进来即可

    展开全文
  • jenkins在线安装插件,从安全协议开始报错sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target 试了网上几种方法,修改http换成国内镜像源...
  • org.apache.maven.pluginsmaven-compiler...2.再把sunjce_provider.jar这个包直接放到了项目的 WEB-INF的lib包下面,这样就可以生效了 注:bootclasspath参数配置了不起作用,仅在我自己测试项目中不起作用,不代表所.
  • PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException 错误原因:这是由于java对SSL证书不信任造成的。网上搜了搜,解决办法有很多,一种是手动导入证书到本地的信任库,这种我...
  • 项目中配置FileProvider,运行报错android.content.res.XmlResourceParser错误。强制更新,下载了最新的包之后打开报错: java.lang.NullPointerException:Attempt to invoke virtual method 'android.content.res....
  • 报错如下: { "timestamp": "2021-03-08T02:25:38.696+0000", ... "message": "PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path
  • 问题 java使用httpclient或者restTemplate进行https... javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertP...
  • 描述 用myeclipse发送http(post)请求时,报PKIX PATH ... 参考文章: 解决 MAVE 打包过程中出现“PKIX PATH BUILDING FAILED: SUN.SECURITY.PROVIDER.CERTPATH.SUNCERTPATHBUILDEREXCEP. 流程 到请求网站下载证书 把证
  • Java: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target 证书有问题: 解决方案: 获取目标机器需要配置的证书文件 1、编译安装证书的...
  • eclipse中com.sun.net.ssl.internal.ssl.Provider报错,但jdk8中有此api ; intellij idea中不报错 解决方法: Windows->Preferences,Java/Compiler/Errors/Warnings,DeprecatedandrestrictedAPI,...
  • sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target -> [Help ...
  • Error:( ) java: 程序包org.bouncycastle.jce.provider不存在 · 首先maven依赖引入第三方库 bouncyCastle <dependency> <groupId>org.bouncycastle</groupId> <artifactId>bcprov-jdk16...
  • Error invoking sqlprovider method (tk.mybatis.mapper.provider.base.BaseselectProvider.dynamicSQL). Cause: java.lang.InstantiationException: tk.mybatis.mapper.provider.base.BaseSelectProvider 原因:...
  • java.lang.InstantiationException cause: tk.mybatis.mapper.provider.base.BaseSelectProvider 1)版本冲突,导致构建失败 2) 启动类包扫描路径不对 3)启动类所用的扫描mapper文件的注解,引用错包了,有三个...
  • java中这个加密类com.sun.crypto.provider.SunJCE()报错的解决办法,有2种 1、Window -> Preferences -> Java -> Compiler -> Errors/Warnings -> Deprecated and restricted API -> Forbidden ...

空空如也

空空如也

1 2 3 4 5 ... 20
收藏数 518,766
精华内容 207,506
关键字:

.provider