Java HTTP传输错误:找不到tomcat上请求的有效证书路径
我有三个tomcat在我的系统上运行,每个tomcat服务器部署一个单独的war文件。我正在尝试使用https在这些服务器之间进行通信 由于这三个服务都在同一台机器上,所以我对它们使用了相同的证书。前两台服务器运行正常 但我的上一个tomcat服务器在服务器启动时抛出以下错误:Java HTTP传输错误:找不到tomcat上请求的有效证书路径,java,tomcat,ssl,soapui,Java,Tomcat,Ssl,Soapui,我有三个tomcat在我的系统上运行,每个tomcat服务器部署一个单独的war文件。我正在尝试使用https在这些服务器之间进行通信 由于这三个服务都在同一台机器上,所以我对它们使用了相同的证书。前两台服务器运行正常 但我的上一个tomcat服务器在服务器启动时抛出以下错误: com.sun.xml.ws.client.ClientTransportException: HTTP transport error: javax.net.ssl.SSLHandshakeException: sun
com.sun.xml.ws.client.ClientTransportException: HTTP transport error: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.sun.xml.ws.transport.http.client.HttpClientTransport.getOutput(HttpClientTransport.java:131)
at com.sun.xml.ws.transport.http.client.HttpTransportPipe.process(HttpTransportPipe.java:219)
at com.sun.xml.ws.transport.http.client.HttpTransportPipe.processRequest(HttpTransportPipe.java:143)
at com.sun.xml.ws.transport.DeferredTransportPipe.processRequest(DeferredTransportPipe.java:110)
at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:961)
at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:910)
at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:873)
at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:775)
at com.sun.xml.ws.client.Stub.process(Stub.java:429)
at com.sun.xml.ws.client.dispatch.DispatchImpl.doInvoke(DispatchImpl.java:259)
at com.sun.xml.ws.client.dispatch.DispatchImpl.invoke(DispatchImpl.java:296)
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1959)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:328)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:322)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1614)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1052)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:987)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1072)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1385)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1413)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1397)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream0(HttpURLConnection.java:1334)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1309)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:259)
at com.sun.xml.ws.transport.http.client.HttpClientTransport.getOutput(HttpClientTransport.java:119)
... 16 more
该错误表明您在jdk/jre/lib/secusrity/cacerts文件中没有证书 按照以下步骤操作,希望对您有所帮助 1.消防指挥部 keytool-list-v-keystore jdk/jre/lib/secusrity/cacerts>java_cacerts.txt 所有cacerts证书将以java_cacerts.txt文件导出 2.看看java_cacerts.txt。通过搜索匹配的序列号,查看它是否包含浏览器中存在的相同证书。在java_cacerts.txt文件中,序列号将使用小写字母,并且不带“:”冒号字符。如果不存在,则这可能是错误的原因,我们可以通过添加在浏览器中找到的证书来修复此问题 3.返回浏览器,导出根CA。选择“X.509证书(DER)”类型,以便导出的文件具有DER扩展名 假设文件名为example.der,请为此证书选择别名“example”。接下来导入文件 4.keytool-import-alias-example-keystore jdk/jre/lib/secusrity/cacerts-file example.der 此命令提示您输入密码,默认密码为changeit 5.再次转储内容以验证其是否包含新证书。重新启动JVM
6.还要检查cacerts文件中的证书是否与您的密钥库文件匹配duplicate,可能值得指出的是,这是一个客户端错误,而不是服务器错误。这意味着对
conf/server.xml