我创建了服务器和客户端 keystore.jks 和 truststore.jks 对 . server-truststore.jks 包含 client-public.cer ,_ client-truststore.jks 包含 server-public.cer . SSL证书没有CA,是自签名证书 . 如果我在本地播放通信就可以了 . 但在部署我的服务器后,我得到了异常:
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
我试图将我的服务器/客户端证书放入java安全的carcerts,它没有帮助 .
只有当我从SOAP UI调用我的WS时,通信才有效 . (对于SOAP UI,我不需要使用 truststore.jks )
我用一个着名的SSLPoke.class检查了它
$ java SSLPoke HOST 443
Successfully connected
$ java -Djavax.net.ssl.trustStore=truststore.jks SSLPoke HOST 443
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
什么可以解决它?