当我在 生产环境 环境中部署它时,我的J2EE应用程序抛出异常 . 我已经尝试过keytool生成的自签名证书,但它没有任何意义
JDK: (Oracle JDK) java version "1.7.0_80" Tomcat :7.0.55
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
此应用程序与需要通过HTTPS通信的API进行通信 . 以下是代码段:
public String reqSender() throws Exception
{
String inputLine="xxxxx";
String refreshToken="addddddd";
String httpsURL = "https://mifc.xxx.lk/xxx/token?grant_type=refresh_token&refresh_token="
+ refreshToken + "&scope=PRODUCTION";
URL myurl = new URL(httpsURL);
HttpsURLConnection con = (HttpsURLConnection)myurl.openConnection();
con.setRequestMethod("POST");
con.setRequestProperty("Content-Type","application/x-www-form-urlencoded");
con.setRequestProperty("Authorization","Basic YxsdsdsfdfsfsdsdsdSncxU0dlQXJPY3F1Q1JndXc3bU1h");
InputStream ins = con.getInputStream();
InputStreamReader isr = new InputStreamReader(ins);
try (BufferedReader in = new BufferedReader(isr)) {
while ((inputLine = in.readLine()) != null)
{
System.out.println(inputLine);
} }
return inputLine;}
1 回答
问题的原因:客户端无法信任我们尝试访问的服务器端证书 . 因此我写了使用HttpsURLConnection扩展HttpURLConnection和X509TrustManager进行身份验证 . 还使用单独的类“SSLCert”来信任证书 . 这样客户端就可以信任证书并按预期进行通信 .
下课是SSLCert