2
我們正在研究使用PlayFramework構建並將其部署到Heroku的Java應用程序。我們通過Play Authenticate將我們的登錄機制與Facebook整合在一起,但從今天早上開始,我們無法登錄。我們得到一些看起來像附件的安全證書異常。導致java.security.InvalidAlgorithmParameterException的Facebook登錄:trustAnchors參數必須爲非空
我們想知道這是否可能是由於環境中的某些變化所致,因爲我們不記得更改任何相關的應用程序代碼。有什麼我們可以檢查?
由於提前,
2013-02-20T17:33:32+00:00 app[web.1]: play.api.Application$$anon$1: Execution exception[[RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty]]
2013-02-20T17:33:32+00:00 app[web.1]:
2013-02-20T17:33:32+00:00 app[web.1]: at play.api.DefaultApplication.handleError(Application.scala:383) [play_2.10-2.1.0.jar:2.1.0]
2013-02-20T17:33:32+00:00 app[web.1]: at play.api.libs.concurrent.PlayPromise$$anonfun$extend1$1.apply(Promise.scala:113) [play_2.10-2.1.0.jar:2.1.0]
2013-02-20T17:33:32+00:00 app[web.1]: at sun.security.ssl.SSLEngineImpl.checkTaskThrown(SSLEngineImpl.java:508) ~[na:1.6.0_27]
2013-02-20T17:33:32+00:00 app[web.1]: at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:759) ~[na:1.6.0_27]
2013-02-20T17:33:32+00:00 app[web.1]: at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:727) ~[na:1.6.0_27]
2013-02-20T17:33:32+00:00 app[web.1]: at org.jboss.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1118) ~[netty-3.5.9.Final.jar:na]
2013-02-20T17:33:32+00:00 app[web.1]: at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624) ~[na:1.6.0_27]
2013-02-20T17:33:32+00:00 app[web.1]: Caused by: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
2013-02-20T17:33:32+00:00 app[web.1]: at play.core.server.netty.PlayDefaultUpstreamHandler$$anon$2$$anonfun$handle$1.apply(PlayDefaultUpstreamHandler.scala:132) [play_2.10-2.1.0.jar:2.1.0]
2013-02-20T17:33:32+00:00 app[web.1]: at play.api.libs.concurrent.PlayPromise$$anonfun$extend1$1.apply(Promise.scala:113) [play_2.10-2.1.0.jar:2.1.0]
2013-02-20T17:33:32+00:00 app[web.1]: Caused by: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
2013-02-20T17:33:32+00:00 app[web.1]: at sun.security.validator.PKIXValidator.(PKIXValidator.java:75) ~[na:1.6.0_27]
2013-02-20T17:33:32+00:00 app[web.1]: at sun.security.validator.Validator.getInstance(Validator.java:178) ~[na:1.6.0_27]
2013-02-20T17:33:32+00:00 app[web.1]: at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:270) ~[na:1.6.0_27]
2013-02-20T17:33:32+00:00 app[web.1]: at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:225) ~[na:1.6.0_27]
2013-02-20T17:33:32+00:00 app[web.1]: Caused by: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
2013-02-20T17:33:32+00:00 app[web.1]: at java.security.cert.PKIXParameters.setTrustAnchors(PKIXParameters.java:200) ~[na:1.6.0_27]
2013-02-20T17:33:32+00:00 app[web.1]: at java.security.cert.PKIXBuilderParameters.(PKIXBuilderParameters.java:104) ~[na:1.6.0_27]
2013-02-20T17:33:32+00:00 app[web.1]: at java.security.cert.PKIXParameters.(PKIXParameters.java:120) ~[na:1.6.0_27]
2013-02-20T17:33:32+00:00 app[web.1]: at sun.security.validator.PKIXValidator.(PKIXValidator.java:73) ~[na:1.6.0_27]
2013-02-20T17:33:32+00:00 app[web.1]: at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1147) ~[na:1.6.0_27]
2013-02-20T17:33:32+00:00 app[web.1]: at sun.security.validator.Validator.getInstance(Validator.java:178) ~[na:1.6.0_27]
2013-02-20T17:33:32+00:00 app[web.1]: at sun.security.ssl.X509TrustManagerImpl.getValidator(X509TrustManagerImpl.java:129) ~[na:1.6.0_27]
經過一段時間對問題進行故障排除後,一位同事將新更改推送到應用並重新部署。 沒有什麼似乎與登錄有關的問題,但它現在正在工作。 可能與新應用程序的啓動位置有關嗎?與之前的部署有什麼關係?是否有任何來自部署過程的日誌,我們可以檢查最後一個? – Marc 2013-02-20 19:51:30
對不起,這導致你。我們昨晚更新了JDK,它缺少默認的cacerts文件。我們已經將它回滾了,這就是爲什麼你再也看不到問題了。 – 2013-02-20 21:24:15
嗨Naaman,謝謝你的回答,很高興知道它是什麼! – Marc 2013-02-21 01:36:13