【cas、tomcat】SunCertPathBuilderException: unable to find valid certification path to requested target
来源:互联网 发布:程序化编程 期货 编辑:程序博客网 时间:2024/06/05 18:15
异常栈:
HTTP Status 500 - javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
type Exception report
message javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
description The server encountered an internal error that prevented it from fulfilling this request.
exception
java.lang.RuntimeException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested targetorg.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:407)org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:45)org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:200)org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:206)org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:161)org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:100)
root cause
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested targetsun.security.ssl.Alerts.getSSLException(Alerts.java:192)sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1904)sun.security.ssl.Handshaker.fatalSE(Handshaker.java:279)sun.security.ssl.Handshaker.fatalSE(Handshaker.java:273)sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1446)sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:209)sun.security.ssl.Handshaker.processLoop(Handshaker.java:913)sun.security.ssl.Handshaker.process_record(Handshaker.java:849)sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1023)sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332)sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359)sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343)sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1301)sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:393)org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:45)org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:200)org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:206)org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:161)org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:100)
root cause
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested targetsun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385)sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)sun.security.validator.Validator.validate(Validator.java:260)sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326)sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231)sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126)sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1428)sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:209)sun.security.ssl.Handshaker.processLoop(Handshaker.java:913)sun.security.ssl.Handshaker.process_record(Handshaker.java:849)sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1023)sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332)sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359)sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343)sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1301)sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:393)org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:45)org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:200)org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:206)org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:161)org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:100)
root cause
sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested targetsun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196)java.security.cert.CertPathBuilder.build(CertPathBuilder.java:268)sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380)sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)sun.security.validator.Validator.validate(Validator.java:260)sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326)sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231)sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126)sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1428)sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:209)sun.security.ssl.Handshaker.processLoop(Handshaker.java:913)sun.security.ssl.Handshaker.process_record(Handshaker.java:849)sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1023)sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332)sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359)sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343)sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1301)sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:393)org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:45)org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:200)org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:206)org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:161)org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:100)
note The full stack trace of the root cause is available in the Apache Tomcat/7.0.65 logs.
Apache Tomcat/7.0.65
原因:
本地证书和server端证书不一致。
参考:http://stackoverflow.com/questions/7709540/how-to-solve-sun-security-provider-certpath-suncertpathbuilderexception
https://confluence.atlassian.com/display/KB/Unable+to+Connect+to+SSL+Services+due+to+PKIX+Path+Building+Failed
http://stackoverflow.com/questions/1828775/how-to-handle-invalid-ssl-certificates-with-apache-httpclient
解决:
将cas-server端证书,放到cas-client的jdk中。
- 【cas、tomcat】SunCertPathBuilderException: unable to find valid certification path to requested target
- SunCertPathBuilderException: Unable To Find Valid Certification Path To Requested Target
- SunCertPathBuilderException: unable to find valid certification path to requested target
- (已解决)SunCertPathBuilderException: unable to find valid certification path to requested target
- HTTPS中SunCertPathBuilderException: unable to find valid certification path to requested target
- unable to find valid certification path to requested target'解决办法
- unable to find valid certification path to requested target
- unable to find valid certification path to requested target
- Unable to find valid certification path to requested target
- unable to find valid certification path to requested target
- 彻底解决unable to find valid certification path to requested target
- 20170704unable to find valid certification path to requested target
- tomcat异常:unable to find valid certification path to requested target
- hessian,SSO,CAS调用https不受信任之跳过证书验证(unable to find valid certification path to requested target )
- PKIX path building failed: unable to find valid certification path to requested target
- 解决PKIX path building failed的问题unable to find valid certification path to requested target
- 解决方案:PKIX path building failed:unable to find valid certification path to requested target
- No more 'unable to find valid certification path to requested target'
- :/coolpigs//Visual Studio 2010 "工具">"选项"中的VC++目录编辑功能已被否决
- Ubuntu下git使用教程
- Android学习笔记(六) 调整手机屏幕亮度Brightness seekbar实现
- JSP用common-fileupload实现文件上传下载
- <iOS>十进制数转换成其他进制数
- 【cas、tomcat】SunCertPathBuilderException: unable to find valid certification path to requested target
- 开发PHP扩展CDT插件安装
- screen brightness seekbar not working
- 使用nodejs,express,mysql,Bootstrap开发采购招标网站(一)项目搭建
- netlink_unicast return -11 (EAGAIN)
- 近似最近邻搜索ANN(Approximate Nearest Neighbor)
- ruby与web代码结合(二)
- oracle rownum
- 微信公众号开发者模式Java笔记-管理素材