-1
服務器端:的Apache HTTP客戶端服務器TLS實現:獲取密鑰庫異常
- 我已經部署在Tomcat安全的RESTful服務針對HTTPS協議已啓用。
我創建使用
keytool.
出口從serverkeystore的servercertificate.cer密鑰庫serverkeystore文件。
客戶端:
創建客戶端密鑰庫clientkeystore.jsk
進口的servercertificate.cer在clientkeystore.jsk
導出的clientcertificate.cer來自clientkeystore.jsk。
進口下JAVA_HOME/lib/security中的clientcertificate.cer
異常的客戶端代碼:
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:268)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380)
... 30 more
代碼:
private SSLConnectionSocketFactory buildSSLSocketFactory() throws Exception, UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException {
KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
FileInputStream instream = new FileInputStream(new File("path to clientkeystore.jks"));
try {
trustStore.load(instream, "phhclient".toCharArray());
} finally {
instream.close();
}
// Trust own CA and all self-signed certs
SSLContext sslcontext = SSLContexts.custom()
.loadTrustMaterial(trustStore, new TrustSelfSignedStrategy())
.build();
// Allow TLSv1 protocol only
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(
sslcontext,
new String[] { "TLSv1" },
null,
SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
return sslsf;
}
無法找到要求的目標的有效證書路徑牛逼 請讓我知道爲什麼我收到異常
感謝和問候,
拉胡爾·哈因