Warning: file_get_contents(/data/phpspider/zhask/data//catemap/9/java/333.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
仅在本地计算机上工作的Java SSL cacerts_Java_Ssl Certificate - Fatal编程技术网
Fatal编程技术网
  • java/
  • 仅在本地计算机上工作的Java SSL cacerts

仅在本地计算机上工作的Java SSL cacerts

java

仅在本地计算机上工作的Java SSL cacerts,java,ssl-certificate,Java,Ssl Certificate,我的程序中有一段代码设置套接字连接,然后写入远程服务器 //Get Socket, set timeout, and initialize I/O streams SSLSocket sock = null; try { InetAddress host = InetAddress.getByName("212.32.251.215"); int port = 55540; S

我的程序中有一段代码设置套接字连接,然后写入远程服务器

        //Get Socket, set timeout, and initialize I/O streams
        SSLSocket sock = null;
        try {
            InetAddress host = InetAddress.getByName("212.32.251.215");
            int port = 55540;
            SSLSocketFactory sslsocketfactory = (SSLSocketFactory) 
            SSLSocketFactory.getDefault();
            sock = (SSLSocket) sslsocketfactory.createSocket(host, port);
        } catch (Exception e) {
             e.printStackTrace();
        } 
        sock.setSoTimeout(100000);
        OutputStream out = sock.getOutputStream();
        BufferedInputStream in = new BufferedInputStream(sock.getInputStream());

        //Get Message (Compress and Encrypt)
        byte[] msg = buildMsg();

        //Send message to Server
        out.write(msg);
        out.flush();
在我的本地机器上,一切都运行顺利,但在我的云服务器上,我遇到了一个熟悉的错误—
javax.net.ssl.SSLHandshakeException:sun.security.validator.ValidatorException:PKIX路径构建失败:sun.security.provider.certpath.SunCertPathBuilderException:无法找到请求目标的有效认证路径

我已确保证书位于cacerts中,带有
keytool-list-v-keystore/etc/pki/java/cacerts-alias myalias
。我还使用
System.getProperty(“javax.net.ssl.truststore”);检查了这个cacerts是否是我的java应用程序的默认信任库
返回
/etc/pki/java
。尽管如此,我甚至尝试了
System.setProperty(“javax.net.ssl.trustStore”,“etc/pki/java/cacerts”)

在这一点上,我不知道为什么我仍然得到这个错误;欢迎提出任何建议或解决方案。谢谢。
我最终通过显式创建信任库解决了这个问题,而不是依靠java来找到它


        KeyStore trustStore = KeyStore.getInstance("JKS");
        trustStore.load(new FileInputStream(mypath), password.toCharArray());

        TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
        tmf.init(trustStore);

        SSLContext sslcontext = SSLContext.getInstance("SSLv3");
        sslcontext.init(null, tmf.getTrustManagers(), null);

        SSLSocketFactory sslsocketfactory = sslcontext.getSocketFactory();

        InetAddress host = InetAddress.getByName("212.32.251.215");
        int port = 55540;

        sslsocket = (SSLSocket) sslsocketfactory.createSocket(host, port);


“依靠Java来找到它”是什么意思?Java没有魔力。信任库可以在JVM级别(cacerts)上定义,也可以在应用程序服务器(例如Tomcat)内定义,前提是您的应用程序在这样的环境中运行,或者在应用程序代码本身中运行。您也可以使用环境变量来设置信任库。。。