Java CertPathBuilderException using netty to communicate with server - problem loading certificate in truststore?
Tags: java, ssl, netty, syslog, truststore

I have set up a syslog server using logstash and secured it with SSL, as described in this excellent document.

On the server, I created a key and certificate as follows:

openssl genrsa -out server.key 2048
openssl req -new -key server.key -batch -out server.csr
openssl x509 -req -days 3650 -in server.csr -signkey server.key -out server.crt

I copied server.crt to my client system and tried to use it to send syslog messages to my server, but it fails with the following:

Caused by: java.security.cert.CertPathBuilderException: unable to find valid certification path to requested target
    at com.ibm.security.cert.PKIXCertPathBuilderImpl.buildCertPath(PKIXCertPathBuilderImpl.java:642)
    at com.ibm.security.cert.PKIXCertPathBuilderImpl.engineBuild(PKIXCertPathBuilderImpl.java:356)
    at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:256)
    at com.ibm.jsse2.util.h.a(h.java:37)

Here is my code:

EventLoopGroup group = null;
Bootstrap bootstrap = null;
Channel channel = null;
group = new NioEventLoopGroup();
bootstrap = new Bootstrap();
bootstrap.group(group);
SSLContext s=SSLContext.getInstance("TLS");
s.init(null, null,null);
String[] suites = s.getSocketFactory().getSupportedCipherSuites();
List<String> ciphers = new ArrayList<String>();
for (int i = 0; i < suites.length; i++) {
    ciphers.add(suites[i]);
}
SslContextBuilder ctxBuilder = SslContextBuilder.forClient();
ctxBuilder.ciphers(ciphers);
// get cert
FileInputStream ksfis = new FileInputStream("server.crt");
BufferedInputStream ksbufin = new BufferedInputStream(ksfis);
X509Certificate certificate = (X509Certificate)
    CertificateFactory.getInstance("X.509").generateCertificate(ksbufin);
// add cert to keystore
KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
keystore.load(null, "password".toCharArray());
keystore.setCertificateEntry("alias", certificate);
System.setProperty("javax.net.ssl.trustStore", "server.crt");
ctxBuilder.trustManager(certificate);
SslContext sslCtx = ctxBuilder.build();
bootstrap.channel(NioSocketChannel.class)
    .option(ChannelOption.SO_KEEPALIVE, true)
    .handler(new TcpSyslogEventEncoder());
try {
    ChannelFuture future = bootstrap.connect(new InetSocketAddress(hostname, 5000));
    channel = future.syncUninterruptibly().channel();
    channel.pipeline().addLast("ssl", sslCtx.newHandler(channel.alloc(), hostname, 5000));
}
catch (Exception e) {
    System.out.println("Unable to connect to host. Cause is " + e.toString());
}
SyslogEvent event = new SyslogEvent("Dec 23 12:11:43 louis postfix/smtpd[31499]: da a tu cuerpo alegria macarena[95.75.93.154]");
channel.writeAndFlush(event);
System.out.println("Got to end");

Comment: Have you imported server.crt into the jre/lib/security/cacerts keystore?
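
An added example, not part of the original question or its comments: a JDK-only check that `server.crt` parses and that a trust store built from it alone accepts the certificate, which separates trust store problems from Netty pipeline problems. The class name `TrustStoreCheck` and the alias `syslog-server` are hypothetical, and the input is assumed to be the `server.crt` produced by the openssl commands in the question.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

public class TrustStoreCheck {

    // Build an in-memory trust store that contains only the given certificate,
    // so nothing from the JRE's default cacerts file is trusted.
    static TrustManagerFactory trustOnly(X509Certificate cert) throws Exception {
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        ks.load(null, null); // empty store, no file and no password
        ks.setCertificateEntry("syslog-server", cert); // hypothetical alias
        TrustManagerFactory tmf =
            TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(ks);
        return tmf;
    }

    public static void main(String[] args) throws Exception {
        // Assumption: server.crt sits in the working directory unless a path is given.
        String path = args.length > 0 ? args[0] : "server.crt";

        X509Certificate cert;
        try (InputStream in = new FileInputStream(path)) {
            cert = (X509Certificate)
                CertificateFactory.getInstance("X.509").generateCertificate(in);
        }
        cert.checkValidity(); // throws if expired or not yet valid
        System.out.println("subject = " + cert.getSubjectX500Principal());
        System.out.println("issuer  = " + cert.getIssuerX500Principal());

        // Run the same PKIX validation the TLS handshake performs, offline.
        TrustManagerFactory tmf = trustOnly(cert);
        for (TrustManager tm : tmf.getTrustManagers()) {
            if (tm instanceof X509TrustManager) {
                // Throws CertificateException if no valid path can be built.
                ((X509TrustManager) tm).checkServerTrusted(
                    new X509Certificate[] { cert }, "RSA");
                System.out.println("trust store accepts " + path);
            }
        }
        // The same factory can be passed to Netty:
        // SslContextBuilder.forClient().trustManager(tmf).build();
    }
}
```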