PAS第三方调用：调用腾讯云短信接口报错：unable to find valid certification path to requested target_发送腾讯短信报错 unable to find valid certification path t-优快云博客

当PAS6.5应用后台逻辑尝试通过腾讯云接口发送短信验证码时，遇到SSLHandshakeException，原因是缺少安全证书。解决方法是手动导出腾讯云SSL证书并导入到PAS系统中。具体步骤包括访问腾讯云短信URL获取证书，停止PAS服务，使用keytool命令导入证书，设置密钥库口令，然后重启PAS服务。完成这些操作后，应用能够成功发送短信。

摘要生成于 C知道，由 DeepSeek-R1 满血版支持，前往体验 >

【问题描述】

PAS6.5应用后台逻辑调用腾讯云接口，向目标手机发送验证码短信。接口调用出错：

~~~tex
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1946)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:316)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:310)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1688)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1038)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:966)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1064)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1367)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1395)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1379)
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:436)
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:384)
at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142)
at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:376)
at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:393)
at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)
at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:186)
at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89)
at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:108)
at com.github.qcloudsms.httpclient.DefaultHTTPClient.fetch(DefaultHTTPClient.java:47)
at com.github.qcloudsms.SmsSingleSender.sendWithParam(SmsSingleSender.java:127)
~~~

【解决方案】

错误原因：应用调用腾讯云接口，腾讯云使用https协议返回数据，此时需要进行证书信任，但此时抛出异常，无法找到安全证书。

## 问题解决方案

手动将腾讯云SSL证书导入到PAS中：

- 通过浏览器访问腾讯云短信url：`https://yun.tim.qq.com/v5/tlssmssvr/sendsms`，通过浏览器将网站SSL安全证书导出保存，例如:`/opt/tim.qq.cer`。

- 停止PAS V6.5服务

- 打开命令行窗口，进入PAS V6.5安装路径下`pas6/pas/domains/domain1/config`目录。执行命令

~~~shell
keytool -import -alias tim.qq -file /opt/tim.qq.cer -keystore ./cacerts.jks -trustcacerts
~~~

- 导入证书，输入密钥库口令：`changeit`，输入`Y`信任该证书，完成导入。

- 启动PAS V6.5服务

- 通过应用发送短信，成功

【原文链接】