Java CertPathBuilderException和SSLHandshakeException_Java_Ssl_Ssl Certificate_Websphere_Sslhandshakeexception

Java CertPathBuilderException和SSLHandshakeException

java ssl websphere

Java CertPathBuilderException和SSLHandshakeException,java,ssl,ssl-certificate,websphere,sslhandshakeexception,Java,Ssl,Ssl Certificate,Websphere,Sslhandshakeexception,我们遇到了一个例外： com.ibm.jsse2.util.j: PKIX path building failed: java.security.cert.CertPathBuilderException: PKIXCertPathBuilderImpl could not build a valid CertPath.; internal cause is: java.security.cert.CertPathValidatorException: The certificate

我们遇到了一个例外：

com.ibm.jsse2.util.j: PKIX path building failed: java.security.cert.CertPathBuilderException: PKIXCertPathBuilderImpl could not build a valid CertPath.; internal cause is:     java.security.cert.CertPathValidatorException: The certificate issued by CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US is not trusted; internal cause is:   java.security.cert.CertPathValidatorException: Certificate chaining error com.ibm.jsse2.util.j: PKIX path building failed: java.security.cert.CertPathBuilderException: PKIXCertPathBuilderImpl could not build a valid CertPath.; internal cause is:   java.security.cert.CertPathValidatorException: The certificate issued by CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US is not trusted; internal cause is:   java.security.cert.CertPathValidatorException: Certificate chaining error javax.net.ssl.SSLHandshakeException

它是在通过Java代码的POST服务调用调用第三方域时出现的。为解决此问题，我们尝试了以下步骤：

从WAS控制台的“SSL证书”选项卡检索签名者证书

尝试将SSL_客户端_props文件中的TLS版本更新为1.2

正在上载最新的local_policy.jar和US_Export_policy.jar

从OpenSSL下载最新证书并上载到服务器

还尝试在代码中实现TrustManager以绕过证书信任问题。

如果您有任何建议，请提供帮助。

您在何处检索签名者证书？哪个信任存储区？WebSphere日志中是否有错误，告诉您缺少什么信任？如果不是的话，我会觉得用于出站连接的SSLContext不是由WebSphere在CellDefaultTrsutStore中创建的。@dbreaux和NodeDefaultTrustStore@Alaine我们还没弄清楚。在执行了一些进一步的步骤之后，将生成新的错误以及上面的错误：“RSA premaster secret error”