解决Java连接HTTPS时因证书不受信任导致的异常。通过浏览器导出证书并使用keytool命令将其导入到JDK默认的信任证书库中。
When I use java to connect HTTPs, it got exception:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target.
The reason is certificate is not recognized, so it's not accepted by java client.
So we need add this certificate to our local store.
JDK's default certificate store located at $JAVA_HOME/jre/lib/security/cacerts, the default password is 'changeit'. We can use following command to view it:
keytool -list -keystore$JAVA_HOME/jre/lib/security/cacerts
To import the certificate for the HTTPs, first use Browser (Firefox) view the page, and export the certificate to local disk. Then use following command import the certificate to JDK's store:
keytool -import -alias keyalias -keystore $JAVA_HOME/jre/lib/security/cacerts -file mycert.cer
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
