问题描述:调用eos节点时,报错 javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
2.百度之后(参考https://www.cnblogs.com/zhangzhi19861216/p/5923477.html)
执行代码:(github代码:https://github.com/escline/InstallCert.git)
1 问题描述:调用eos节点时,报错 2 3 4 5 2.百度之后(参考https://www.cnblogs.com/zhangzhi19861216/p/5923477.html) 6 7 执行代码: 8 9 /* 10 * Copyright 2006 Sun Microsystems, Inc. All Rights Reserved. 11 * 12 * Redistribution and use in source and binary forms, with or without 13 * modification, are permitted provided that the following conditions 14 * are met: 15 * 16 * - Redistributions of source code must retain the above copyright 17 * notice, this list of conditions and the following disclaimer. 18 * 19 * - Redistributions in binary form must reproduce the above copyright 20 * notice, this list of conditions and the following disclaimer in the 21 * documentation and/or other materials provided with the distribution. 22 * 23 * - Neither the name of Sun Microsystems nor the names of its 24 * contributors may be used to endorse or promote products derived 25 * from this software without specific prior written permission. 26 * 27 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS 28 * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, 29 * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 30 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR 31 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, 32 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 33 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 34 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 35 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 36 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 37 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 38 */ 39 40 import java.io.*; 41 import java.net.URL; 42 43 import java.security.*; 44 import java.security.cert.*; 45 46 import javax.net.ssl.*; 47 48 public class InstallCert { 49 50 public static void main(String[] args) throws Exception { 51 String host; 52 int port; 53 char[] passphrase; 54 if ((args.length == 1) || (args.length == 2)) { 55 String[] c = args[0].split(":"); 56 host = c[0]; 57 port = (c.length == 1) ? 443 : Integer.parseInt(c[1]); 58 String p = (args.length == 1) ? "changeit" : args[1]; 59 passphrase = p.toCharArray(); 60 } else { 61 System.out.println("Usage: java InstallCert <host>[:port] [passphrase]"); 62 return; 63 } 64 65 File file = new File("jssecacerts"); 66 if (file.isFile() == false) { 67 char SEP = File.separatorChar; 68 File dir = new File(System.getProperty("java.home") + SEP 69 + "lib" + SEP + "security"); 70 file = new File(dir, "jssecacerts"); 71 if (file.isFile() == false) { 72 file = new File(dir, "cacerts"); 73 } 74 } 75 System.out.println("Loading KeyStore " + file + "..."); 76 InputStream in = new FileInputStream(file); 77 KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType()); 78 ks.load(in, passphrase); 79 in.close(); 80 81 SSLContext context = SSLContext.getInstance("TLS"); 82 TrustManagerFactory tmf = 83 TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); 84 tmf.init(ks); 85 X509TrustManager defaultTrustManager = (X509TrustManager)tmf.getTrustManagers()[0]; 86 SavingTrustManager tm = new SavingTrustManager(defaultTrustManager); 87 context.init(null, new TrustManager[] {tm}, null); 88 SSLSocketFactory factory = context.getSocketFactory(); 89 90 System.out.println("Opening connection to " + host + ":" + port + "..."); 91 SSLSocket socket = (SSLSocket)factory.createSocket(host, port); 92 socket.setSoTimeout(10000); 93 try { 94 System.out.println("Starting SSL handshake..."); 95 socket.startHandshake(); 96 socket.close(); 97 System.out.println(); 98 System.out.println("No errors, certificate is already trusted"); 99 } catch (SSLException e) { 100 System.out.println(); 101 e.printStackTrace(System.out); 102 } 103 104 X509Certificate[] chain = tm.chain; 105 if (chain == null) { 106 System.out.println("Could not obtain server certificate chain"); 107 return; 108 } 109 110 BufferedReader reader = 111 new BufferedReader(new InputStreamReader(System.in)); 112 113 System.out.println(); 114 System.out.println("Server sent " + chain.length + " certificate(s):"); 115 System.out.println(); 116 MessageDigest sha1 = MessageDigest.getInstance("SHA1"); 117 MessageDigest md5 = MessageDigest.getInstance("MD5"); 118 for (int i = 0; i < chain.length; i++) { 119 X509Certificate cert = chain[i]; 120 System.out.println 121 (" " + (i + 1) + " Subject " + cert.getSubjectDN()); 122 System.out.println(" Issuer " + cert.getIssuerDN()); 123 sha1.update(cert.getEncoded()); 124 System.out.println(" sha1 " + toHexString(sha1.digest())); 125 md5.update(cert.getEncoded()); 126 System.out.println(" md5 " + toHexString(md5.digest())); 127 System.out.println(); 128 } 129 130 System.out.println("Enter certificate to add to trusted keystore or 'q' to quit: [1]"); 131 String line = reader.readLine().trim(); 132 int k; 133 try { 134 k = (line.length() == 0) ? 0 : Integer.parseInt(line) - 1; 135 } catch (NumberFormatException e) { 136 System.out.println("KeyStore not changed"); 137 return; 138 } 139 140 X509Certificate cert = chain[k]; 141 String alias = host + "-" + (k + 1); 142 ks.setCertificateEntry(alias, cert); 143 144 OutputStream out = new FileOutputStream("jssecacerts"); 145 ks.store(out, passphrase); 146 out.close(); 147 148 System.out.println(); 149 System.out.println(cert); 150 System.out.println(); 151 System.out.println 152 ("Added certificate to keystore 'jssecacerts' using alias '" 153 + alias + "'"); 154 } 155 156 private static final char[] HEXDIGITS = "0123456789abcdef".toCharArray(); 157 158 private static String toHexString(byte[] bytes) { 159 StringBuilder sb = new StringBuilder(bytes.length * 3); 160 for (int b : bytes) { 161 b &= 0xff; 162 sb.append(HEXDIGITS[b >> 4]); 163 sb.append(HEXDIGITS[b & 15]); 164 sb.append(' '); 165 } 166 return sb.toString(); 167 } 168 169 private static class SavingTrustManager implements X509TrustManager { 170 171 private final X509TrustManager tm; 172 private X509Certificate[] chain; 173 174 SavingTrustManager(X509TrustManager tm) { 175 this.tm = tm; 176 } 177 178 public X509Certificate[] getAcceptedIssuers() { 179 throw new UnsupportedOperationException(); 180 } 181 182 public void checkClientTrusted(X509Certificate[] chain, String authType) 183 throws CertificateException { 184 throw new UnsupportedOperationException(); 185 } 186 187 public void checkServerTrusted(X509Certificate[] chain, String authType) 188 throws CertificateException { 189 this.chain = chain; 190 tm.checkServerTrusted(chain, authType); 191 } 192 } 193 194 }
通过编译:javac InstallCert.java
运行:java InstallCert eos.greymass.com
生成的文件
放置到服务器上
重启项目就正常了