Code
2023-05-19 07:00:09

“PKIX路径构建失败”和“无法找到请求目标的有效认证路径”

我试图使用twitter4j库为我的java项目获得推文,它在封面下使用java.net.HttpURLConnection(可以在堆栈跟踪中看到)。在我第一次运行时,我得到了一个关于证书sun.security.validator.ValidatorException和sun.security.provider.certpath.SunCertPathBuilderException的错误。然后我添加了twitter证书:

C:\Program Files\Java\jdk1.7.0_45\jre\lib\security>keytool -importcert -trustcacerts -file PathToCert -alias ca_alias -keystore "C:\Program Files\Java\jdk1.7.0_45\jre\lib\security\cacerts"

但是没有成功。以下是获取推文的流程:

public static void main(String[] args) throws TwitterException {
    ConfigurationBuilder cb = new ConfigurationBuilder();
    cb.setDebugEnabled(true)
        .setOAuthConsumerKey("myConsumerKey")
        .setOAuthConsumerSecret("myConsumerSecret")
        .setOAuthAccessToken("myAccessToken")
        .setOAuthAccessTokenSecret("myAccessTokenSecret");
    
    TwitterFactory tf = new TwitterFactory(cb.build());
    Twitter twitter = tf.getInstance();
    
    try {
        Query query = new Query("iphone");
        QueryResult result;
        result = twitter.search(query);
        System.out.println("Total amount of tweets: " + result.getTweets().size());
        List<Status> tweets = result.getTweets();
        
        for (Status tweet : tweets) {
            System.out.println("@" + tweet.getUser().getScreenName() + " : " + tweet.getText());
        }
    } catch (TwitterException te) {
        te.printStackTrace();
        System.out.println("Failed to search tweets: " + te.getMessage());
    }

这里是错误:

sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Relevant discussions can be found on the Internet at:
    http://www.google.co.jp/search?q=d35baff5 or
    http://www.google.co.jp/search?q=1446302e
TwitterException{exceptionCode=[d35baff5-1446302e 43208640-747fd158 43208640-747fd158 43208640-747fd158], statusCode=-1, message=null, code=-1, retryAfter=-1, rateLimitStatus=null, version=3.0.5}
    at twitter4j.internal.http.HttpClientImpl.request(HttpClientImpl.java:177)
    at twitter4j.internal.http.HttpClientWrapper.request(HttpClientWrapper.java:61)
    at twitter4j.internal.http.HttpClientWrapper.get(HttpClientWrapper.java:81)
    at twitter4j.TwitterImpl.get(TwitterImpl.java:1929)
    at twitter4j.TwitterImpl.search(TwitterImpl.java:306)
    at jku.cc.servlets.TweetsAnalyzer.main(TweetsAnalyzer.java:38)
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at sun.security.ssl.Alerts.getSSLException(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
    at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
    at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
    at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)
    at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
    at sun.security.ssl.Handshaker.processLoop(Unknown Source)
    at sun.security.ssl.Handshaker.process_record(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
    at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
    at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
    at java.net.HttpURLConnection.getResponseCode(Unknown Source)
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(Unknown Source)
    at twitter4j.internal.http.HttpResponseImpl.<init>(HttpResponseImpl.java:34)
    at twitter4j.internal.http.HttpClientImpl.request(HttpClientImpl.java:141)
    ... 5 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
    at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
    at sun.security.validator.Validator.validate(Unknown Source)
    at sun.security.ssl.X509TrustManagerImpl.validate(Unknown Source)
    at sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source)
    at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
    ... 20 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
    at java.security.cert.CertPathBuilder.build(Unknown Source)
    ... 26 more
Failed to search tweets: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

当前回答

我的UI方法:

从这里下载密钥库资源管理器 打开$ JAVA_HOME / jre / lib /安全/除 输入PW: changeit(可以在Mac上changeme) 导入.crt文件

CMD-Line:

Keytool -importcert -file jetty。crt -alias jetty -keystore $JAVA_HOME/jre/lib/security/cacerts . crt -alias jetty -keystore $JAVA_HOME/jre/lib/security/cacerts . crt 输入PW: changeit(可以在Mac上changeme)

2016-11-22 14:06:23

其他回答

我在使用Java 8时遇到了这个问题,但在升级到Java 11后得到了解决

2022-01-22 11:31:23

在这里,这种异常通常发生在受信任证书的PATH不匹配时。检查用于安全通信的服务器证书所需的配置或路径。

2014-01-12 19:32:53

1. 检查证书

尝试在浏览器中加载目标URL并查看网站的证书(通常可以通过带有锁标志的图标访问)。它在浏览器地址栏的左边或右边),无论它是否过期或由于其他原因不受信任。

2. 安装最新版本的JRE和JDK

新版本通常附带一组更新后的受信任证书。

如果可能的话,卸载旧版本。这将使错误配置错误显式地出现。

3.检查您的配置:

检查JAVA_HOME环境变量指向的位置。 检查您使用哪个java版本来运行程序。在IntelliJ中检查: 文件->项目结构…—>项目设置—>项目—>项目SDK: 文件->项目结构…—>平台设置—>个sdk

4. 从新的Java版本复制整个密钥存储库

如果您使用的JDK不是最新可用的JDK,请尝试将%JAVA_HOME%/jre/lib/security/cacerts文件替换为最新安装的jre中的新文件(先做备份),正如@jeremy-goodell在他的回答中建议的那样

5. 向您的密钥存储库中添加证书

如果以上都不能解决您的问题,请使用keytool将证书保存到Java的密钥存储库:

keytool -trustcacerts -keystore "%JAVA_HOME%jre\lib\security\cacerts" -storepass changeit -importcert -alias <alias_name> -file <path_to_crt_file>

正如@MagGGG在他的回答中建议的那样,可以从浏览器中获得带有证书的文件。

注1:您可能需要对链中的每个证书重复此操作,直到站点的证书。从根根开始。

注意2:<alias_name>在存储中的键中应该是唯一的,否则keytool将显示错误。

要获取存储中所有证书的列表,您可以运行:

keytool -list -trustcacerts -keystore "%JAVA_HOME%jre\lib\security\cacerts" -storepass changeit

如果出现问题,这将帮助您从存储中删除证书:

keytool -delete -alias <alias_name> -keystore "%JAVA_HOME%jre\lib\security\cacerts" -storepass changeit
2017-09-13 11:10:26

问题背景:

当我试图在我的项目中运行mvn清洁安装并通过Netbeans IDE清洁和构建选项时,我得到了以下错误。 此问题是由于通过NET beans IDE/通过命令提示符下载时证书不可用,但可以通过浏览器下载文件。

错误:

Caused by: org.eclipse.aether.transfer.ArtifactTransferException: Could not transfer artifact com.java.project:product:jar:1.0.32 from/to repo-local (https://url/local-repo): sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

解决方法:

1. 下载有关网址的证书:

Launch IE by "run as adminstrator" (otherwise, we will not be able to download the certificate) Enter the url in IE-> https://url/local-repo (In my case this url had a untrusted certificate.) Download the certificate by clicking on Certificate error -> view certificate Select Details tab -> copy to file -> next -> select "DER encoded binary X.509 (.CER) save the certificate in some location, example : c:/user/sheldon/desktop/product.cer Congrats! you have successfully downloaded the certificate for the site

2. 现在安装密钥存储库以修复该问题。

运行keytool命令将下载的密钥存储库附加到 已存在的证书文件。 命令:jdk (JAVA_HOME) bin文件夹下的如下命令。

C:\Program Files\Java\ jdk1.8.0_141\jre\bin>keytool -importcert -file .使用实例 “C: / user /谢耳朵/桌面/产品。-alias product -keystore “C: /程序文件/ Java / jdk1.8.0_141 / jre / lib /安全/除”。

系统将提示您输入密码。输入keystore密码: 再次输入“changeit”,输入“信任此证书?”(没有):“,输入 “是的”

示例命令行命令/输出:

keytool -importcert -file "C:/Users/sheldon/Desktop/product.cer" -alias product -keystore "C:/Program iles/Java/jdk1.8.0_141/jre/lib/security/cacerts"
Enter keystore password:
Trust this certificate? [no]:  yes
Certificate was added to keystore

Contgrats !现在你应该删除“PKIX路径构建失败:sun.security.provider.certpath”。在Netbeans IDE中出现SunCertPathBuilderException错误。

2017-11-29 09:01:28

在我的情况下(Windows 10, IIS,本地开发环境(自签名SSL证书),Apache JMeter)。我必须导入两个证书到cacerts。 一个用于自定义主机名: CN = localhostCustom 第二个是localhost主机名: CN = localhost

的问候。

2021-08-16 10:31:53

推荐文章

aliyun

最新文章

标签

2025 code 京ICP备15047053号-1