PKIX path building failed error occurs when calling ETC interface

Others 2021-04-03 07:34:53 views: null

When working on an ETC project recently, javax.net.ssl.SSLHandshakeException occurred when calling the ETC interface.

Complete exception information:

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

The above exception information prompts: the request target did not find a valid certification path. The HTTPS secure network communication protocol is used to access the ETC interface. The cause of this problem is that the JVM environment where the application is located does not find the correct certificate file.

In fact, the solution is quite simple, that is, download the certificate of the interface address and install it in the environment where the JVM is located. Specific steps are as follows:

  • Step 1: Enter the address of the interface that the application needs to call on the browser, then press F12, and then click the View certificate button in the security column;
    Insert picture description here
    remember the name of the certificate:
    Insert picture description here

  • Step 2: Enter in "Run" certmgr.msc, open the certificate management window, and find the certificate file we need to download;
    Insert picture description here

  • Step 3: Select the certificate file that needs to be downloaded, then right-click the mouse -> All Tasks -> Export, and export the certificate to the local disk;
    Insert picture description here

  • Step 4: Open the command window, and then execute the keytoolcommand to install the certificate into the local environment;

参数说明:
  -import 导入证书操作
  -alias 秘钥对的别名
  -keystore 秘钥对的路径及名称
  -file 证书文件的路径
  -trustcacerts 告诉keytool您要将其导入作为受信任的证书

E.g:

keytool -import -alias cacerts -keystore cacerts -file D:\JavaEE\JDK\jdk1.8.2\jre\lib\security\zsetc.crt -trustcacerts

Enter the password of the key store and press Enter.
Insert picture description here
If you want to view the installed certificates, you can execute the following command:

keytool -list -v -alias cacerts -keystore cacerts -storepass 秘钥库的口令

Delete certificate:

keytool -delete -alias cacerts -keystore cacerts -storepass 秘钥库的口令

In addition to the above methods, three new root certificates have been added to the JDK 8u101 version (https://bugs.openjdk.java.net/browse/JDK-8154757).
Insert picture description here
Therefore, the above problems can also be solved by upgrading the JDK.

Guess you like

Origin blog.csdn.net/zhongliwen1981/article/details/106767589
Recommended
Ranking
Linux关机和重启详解(shutdown、halt、poweroff、reboot、init)
Netty work notes 0007---NIO's three core component relationships
Knife4j tutorial
2021.10.29,内容:什么时候用接口和抽象类
How to solve the problem that changing the memory frequency causes the computer to become unusable?
SpringMVC Tutorial - Controller
linux learning skills -Linux 25 transport Vega paid special privileges and facl extension
Financial quarterly report evaluation report data automatic generation 1.0
Agile Development Series - The Values of Agile Development
scrapy achieve browsercookie Middleware
Daily
More
2024-05-19(0)
2024-05-18(31)
2024-05-17(6)
2024-05-16(23)
2024-05-15(5)
2024-05-14(9)
2024-05-13(8)
2024-05-12(28)
2024-05-11(32)
2024-05-10(34)

Code World

© 2018 codetd.com