解决SSLHandshakeException:PKIX path building failed

最新推荐文章于 2025-05-13 09:15:53 发布
最新推荐文章于 2025-05-13 09:15:53 发布
阅读量5.1k 收藏 6
点赞数 2
分类专栏: Java基础 文章标签: 证书 SSLHandshakeException
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.youkuaiyun.com/chengxuyuanruhua/article/details/99842006
版权

加了证书之后,调用https的请求,不受信任,就会报如下错误信息:

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
	at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1884)
	at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276)
	at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270)
	at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1341)
	at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:153)
	at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868)
	at sun.security.ssl.Handshaker.process_record(Handshaker.java:804)
	at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016)
	at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312)
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339)
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323)
	at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)
	at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
	at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:153)
	at cn.com.webservice.util.HttpRequestUtil.sendGet(HttpRequestUtil.java:149)
	at cn.com.webservice.WeChat.AccessTokenTest.main(AccessTokenTest.java:15)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385)
	at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
	at sun.security.validator.Validator.validate(Validator.java:260)
	at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326)
	at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231)
	at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126)
	at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1323)
	... 12 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196)
	at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:268)
	at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380)

解决方法是信任所有SSL证书,所以在每次https请求的时候,忽略掉证书就可以了
SslUtils.java

package cn.com.webservice.WeChat.util;

import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
 
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

/**
 * 
 * @author Miss.Ru
 *
 */
public class SslUtils {
	private static void trustAllHttpsCertificates() throws Exception {
    TrustManager[] trustAllCerts = new TrustManager[1];
    TrustManager tm = new miTM();
    trustAllCerts[0] = tm;
    SSLContext sc = SSLContext.getInstance("SSL");
    sc.init(null, trustAllCerts, null);
    HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
}
 
static class miTM implements TrustManager,X509TrustManager {
    public X509Certificate[] getAcceptedIssuers() {
        return null;
    }
 
    public boolean isServerTrusted(X509Certificate[] certs) {
        return true;
    }
 
    public boolean isClientTrusted(X509Certificate[] certs) {
        return true;
    }
 
    public void checkServerTrusted(X509Certificate[] certs, String authType)
            throws CertificateException {
        return;
    }
 
    public void checkClientTrusted(X509Certificate[] certs, String authType)
            throws CertificateException {
        return;
    }
}
 
/**
 * 忽略HTTPS请求的SSL证书,必须在openConnection之前调用
 * @throws Exception
 */
public static void ignoreSsl() throws Exception{
    HostnameVerifier hv = new HostnameVerifier() {
        public boolean verify(String urlHostName, SSLSession session) {
            System.out.println("Warning: URL Host: " + urlHostName + " vs. " + session.getPeerHost());
            return true;
        }
    };
    trustAllHttpsCertificates();
    HttpsURLConnection.setDefaultHostnameVerifier(hv);
 }
}

测试SslUtils
HttpRequestUtil.java

/**
 * http请求工具类
 * @author Mr.Ru
 * @create 2018-08-29 10:12
 */
public class HttpRequestUtil {

 /**
	* 向指定URL发送GET方法的请求
    *
	* @param requestUrl 发送请求的URL
	* @param param      请求参数,请求参数应该是 name1=value1&name2=value2 的形式。
    * @return URL 所代表远程资源的响应结果
	* @throws Exception 
     */
    public static String sendGet(String requestUrl, String param) throws Exception  {
    	 
    	URL u = new URL(requestUrl);
    	//注意:重点知识,此句判断用于信任所有的https请求
    	if("https".equalsIgnoreCase(u.getProtocol())){
    	   //测试SslUtils
            SslUtils.ignoreSsl();
        }
        String result = "";
        BufferedReader in = null;
        try {
            String urlString = requestUrl + "?" + param;
            URL url = new URL(urlString);
            // 打开和URL之间的连接
            URLConnection connection = url.openConnection();
            // 设置通用的请求属性
            connection.setRequestProperty("accept", "*/*");
            connection.setRequestProperty("connection", "Keep-Alive");
            connection.setRequestProperty("user-agent", "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;SV1)");
            // 建立实际的连接
            connection.connect();
            // 获取所有响应头字段
            Map<String, List<String>> map = connection.getHeaderFields();
            // 遍历所有的响应头字段
            // 定义 BufferedReader输入流来读取URL的响应
            in = new BufferedReader(new InputStreamReader(
                    connection.getInputStream()));
            String line;
            while ((line = in.readLine()) != null) {
                result += line;
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
        // 使用finally块来关闭输入流
        finally {
            try {
                if (in != null) {
                    in.close();
                }
            } catch (Exception e2) {
                e2.printStackTrace();
            }
        }
        return result;
    }
}

当你再次调用https请求的时候,就可以请求成功啦~
亲测有效~

package cn.com.webservice.WeChat;
import cn.com.webservice.util.HttpRequestUtil;

public class AccessTokenTest {
	public static void main(String[] args) throws Exception{
	
        String corpid="wxf9291cddfe5";//企业微信id           
		String corpsecret="InWpADosVs7RXG5MwBl8TSTsZ0khvzSK2LQ0";//应用密钥
		 String url = "https://qyapi.weixin.qq.com/cgi-bin/gettoken";
        String param = "corpid=" + corpid + "&corpsecret=" + corpsecret;
        
        String result = HttpRequestUtil.sendGet(url, param);
        System.out.println(result);
    }
}
解决】Caused by: javax.net.ssl.SSLHandshakeException: PKIX path building failed
qq_59125846的博客
04-19 1028
在Java8及高版本以上的版本在源应用程序不信任目标应用程序的证书,因为在源应用程序的JVM信任库中找不到该证书证书链。也就是目标站点启用了HTTPS 而缺少安全证书时出现的异常。
解决Exception in thread “main“ javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.sec
user123name的博客
11-26 5434
访问一个接口,通过postman可以调用但是使用HttpClient无法访问报错误。 Exception in thread “main” javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at
异常: javax.net.ssl.SSLHandshakeException: PKIX path building failed: SunCertPathBuilderException
Java小皮孩
03-28 9444
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Java报javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.
最新发布
s757484077的博客
05-13 329
3,如果是高版本的jdk 比如21,安装的时候没有jre路径,就不能使用keytool命令,可以使用该命令进行生成:bin\jlink.exe --module-path jmods --add-modules java.desktop --output jre,然后配置环境变量后就可以使用keytool命令。如果还有疑问可以联系作者。
解决PKIX path building failed的问题
03-17
NULL 博文链接:https://mengyang.iteye.com/blog/575671
Https证书问题SSLHandshakeException:PKIX path building failed
LiuCJ_20000的博客
11-14 697
jdk导入https地址证书公钥方法!!!
javax.net.ssl.SSLHandshakeException:PKIX path building failed解决方法
suoyihen
05-20 409
前一章说到:用java访问PHP写的webService。call.invoke的时候出现了 sun.security.validator.ValidatorException: PKIX path building failed: 这是缺少安全证书时出现的异常,解决方案就是将你要访问的webservice的安全认证证书导入到客户端即可 网上也提供了抓取证书的方法 例如:http:...
SpringBoot项目运行时出现javax.net.ssl.SSLHandshakeException: PKIX路径构建失败:sun.security异常(本地/部署后)
qq_53722480的博客
09-08 2631
javax.net.ssl.SSLHandshakeException: PKIX
javax.net.ssl.SSLHandshakeException: PKIX path building failed
hubxx的博客
03-10 9555
错误信息 本地环境缺少ssl证书 一、下载证书 可以通过浏览器下载;也可以使用命令行 1、浏览器 查看证书,直接导出即可 2、命令行 openssl s_client -connect <目标网址:端口号> < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > 证书.crt 二、导入证书 1.证书移动到$JAVA_HOME/lib/security/c...
解决 sun.security.validator.ValidatorException: PKIX path building failed 的问题,绕过证书的检查实现
热门推荐
chao_9836的博客
02-09 2万+
错误信息: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find...
ssl忽略证书 SSLHandshakeException:PKIX path building failed ——java client
global_coding的博客
04-13 503
ssl忽略证书 SSLHandshakeException:PKIX path building failed ——java client
javax.net.ssl.SSLHadshakeException: sun.security.validator.VatorException: PKIX path building failed
AAbb895212798的博客
07-21 762
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed 我是在获取邮箱验证码时提示以上错误。错误明细如下: javax.mail.MessagingException: Could not connect to SMTP host: smtp.vip.163.com, port: 465; nested exception is: javax
javax.net.ssl.SSLHandshakeException:PKIX path building failed多个证书解决方法
blueyy617的专栏
04-11 3342
javax.net.ssl.SSLHandshakeException:PKIX path building failed多个证书解决方法
DBeaver报错:javax.net.ssl.SSLHandshakeException:PKIX path building failed
也言的博客
11-02 2124
DBeaver报错:javax.net.ssl.SSLHandshakeException:PKIX path building failed
【OKHttp】javax.net.ssl. SSLHandshakeException:PKIX path building failed
SportHappy的博客
03-07 6098
Android异常:java.lang.IllegalStateException: Unable to extract the trust manager on Android10Platform, sslSocketFactory is class com.android.org.conscrypt.OpenSSLSocketFactoryImpl web、java项目异常:javax.net.ssl. SSLHandshakeException:PKIX path building failed..
javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCe
hongchangyuge的博客
06-04 556
java请求接口的时候如果遇到这个问题 是java的ssl安全证书问题,用下面的代码忽略就好 放在方法的最前面。
SSL 跳过证书验证 javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.cer
03-15 3846
最开始网站是 http 的,后来升级成了 https 。内网环境是自己签发的证书,今天准备访问的时候报错了。原来已经加了跳过证书验证的代码了,还是报错了。 1. 为什么原来的设置不起作用 原来的设置如下,是在 spring boot 的启动类里设置了一段静态代码,跳过了证书验证: import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplicat
解决 javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX 路径构建失败
agoin__的博客
11-21 1万+
处理javax.net.ssl.SSLHandshakeException的 SSL 握手失败问题
解决javax.net.ssl.SSLHandshakeExceptionsun.security.validator.ValidatorException:PKIX路径构建失败错误?
asdfgh0077的博客
05-19 1万+
Edit :- Tried to format the question and accepted answer in more presentable way at mine Blog 编辑:-试
excel表格数据导入数据库 navicat
01-22
### 使用 Navicat 导入 Excel 数据至 MySQL 数据库 为了将 Excel 中的数据导入到已创建好的 MySQL 数据库表中,需确保 Excel 文件的第一行包含字段名,并且这些字段名应与目标数据库表中的字段相对应[^1]。 #### 准备工作 确认所使用的 Navicat 版本支持连接到 MySQL 并能够执行数据传输功能。此外,保证 Excel 文档保存路径无误并可被正常访问。 #### 开始导入过程 当准备就绪后,在 Navicat 的对象浏览器里定位到想要填充数据的目标表上点击鼠标右键菜单选项“导入向导”,这一步骤启动了图形化的交互界面来指导完成整个流程[^2]。 在弹出窗口中选择源文件类型为 Microsoft Excel (*.xls; *.xlsx),随后浏览选取待上传的具体文档位置。对于含有日期类型的单元格内容,务必核对其格式设置以匹配数据库预期接收的标准形式;否则可能导致解析失败或丢失精度等问题发生[^3]。 #### 字段映射配置 随着导航逐步推进直至到达字段映射环节时,仔细对照两侧列表项——左侧代表来自电子表格里的原始列标题而右侧则是目的端关系型存储结构内的属性标识符。通过拖拽连线方式建立起两者间一对一关联关系,即使它们之间存在排列次序差异也完全不影响最终效果呈现[^4]。 一旦所有必要的参数均已设定完毕,则继续前进直到遇到最后确认提示处停止。此时再次审视各项细节确保万无一失后再按下“完成”按钮正式提交任务请求给后台处理引擎去执行实际迁移动作。 ```sql -- 示例 SQL 语句用于验证导入后的记录数是否正确 SELECT COUNT(*) FROM your_table_name; ```
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值