找不到指向请求的目标的有效认证路径

unable to find a valid certification path to requested target(找不到指向请求的目标的有效认证路径)

问题描述

我正在使用REST模板发出POST请求，并收到以下错误：无法找到指向所请求目标的有效证书路径

org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'transformToListClass': Invocation of init method failed; nested exception is java.lang.RuntimeException: org.springframework.web.client.ResourceAccessException: I/O error on POST request for "https://emploenefitsdev/rion/v1/rion/": sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target; nested exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Caused by: java.lang.RuntimeException: org.springframework.web.client.ResourceAccessException: I/O error on POST request for "https://emploenefitsdev/rion/v1/rion/": sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target; nested exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Caused by: org.springframework.web.client.ResourceAccessException: I/O error on POST request for "https://emploenefitsdev/rion/v1/rion/": sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target; nested exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

和我的方法如下：

    public ImageDescriptor generateImage(String payLoad, String templateName, String slogPrefix) {
        try {
            ImageDescriptor descriptor = new ImageDescriptor();

            String myEUrl = "https://emploenefitsdev/rion/v1/rion/";
            String eURL = myUrl.concat(Constant.F_SLASH).concat(templateName);

            log.info("payload" + payLoad);

            ResponseEntity<Resource> responseEntity = restTemplate.exchange(
                    eURL,
                    HttpMethod.POST,
                    niService.getStringHttpEntityWithPayload(payLoad),
                    Resource.class);
            log.info(String.format("%s generateImage Result: [%s] ", slogPrefix, responseEntity.getStatusCode()));
            descriptor.setInputStream(Objects.requireNonNull(responseEntity.getBody()).getInputStream());

            convert(responseEntity.getBody().getInputStream(), "sherrr.pdf");

            log.info("file is:"+ convert(responseEntity.getBody().getInputStream(), "sherrr.pdf"));


            return descriptor;
        } catch (IOException e) {
            e.printStackTrace();
            log.error("Error: " + slogPrefix + " generate image failed " + e.getMessage());
            throw new RuntimeException(e);
        }
    }

HTTPS

，因为您正在建立从客户端到服务器的推荐答案连接。握手过程失败，因为客户端需要验证服务器证书。在客户端，您需要颁发者证书(根CA)来验证服务器证书。大多数根证书都是JDK中预先存在的。默认情况下，根证书存储在名为cacerts的密钥库文件中。这里，服务器证书不是由证书颁发机构颁发的，服务器使用的是自签名证书或由内部CA颁发的证书。您需要将根CA证书添加到Java cacerts密钥存储区。

您可以通过在浏览器中访问服务器站点来轻松检索根CA证书。点击url栏中的安全锁垫，然后浏览证书选项。您需要使用复制选项导出根CA证书，并将证书文件保存在系统上。

转到cacerts所在的位置eg: C:Program FilesJavajdk1.8.0_121jrelibsecurity并打开命令提示符以执行以下命令。

keytool -import -alias -aliasName -file pathToRootCA.crt -keystore cacerts

密码为changeit

这篇关于找不到指向请求的目标的有效认证路径的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持编程学习网！