Java 带密码的内部文件SSL证书失败_Java_X509certificate

Java 带密码的内部文件SSL证书失败

java

Java 带密码的内部文件SSL证书失败,java,x509certificate,Java,X509certificate,我在一个Spring引导服务中，它将在一个微服务中，试图连接到一个外部SOAP Web服务，该服务需要一个由该服务创建的证书和一个密码。这是在Windows中编写的，但需要在Unix上运行。现在，我已经为Windows硬编码了一些东西。这是我为自己编写的代码，但我在httpConn.getInputStream（）上遇到了一个错误： “sun.security.validator.ValidatorException:PKIX路径生成失败：sun.security.provider.certpa

我在一个Spring引导服务中，它将在一个微服务中，试图连接到一个外部SOAP Web服务，该服务需要一个由该服务创建的证书和一个密码。这是在Windows中编写的，但需要在Unix上运行。现在，我已经为Windows硬编码了一些东西。这是我为自己编写的代码，但我在httpConn.getInputStream（）上遇到了一个错误：

“sun.security.validator.ValidatorException:PKIX路径生成失败：sun.security.provider.certpath.SunCertPathBuilderException:找不到请求目标的有效证书路径”

有人能帮我理解我错过了什么吗

public String getSoapData(String contentType) throws IOException, NoSuchAlgorithmException, KeyManagementException, CertificateException, KeyStoreException {
    StringBuilder retVal = new StringBuilder();

    TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());

    // get user password and file input stream
    char[] password = "MYPass".toCharArray();

    java.io.FileInputStream fis = null;
    //X509Certificate caCert = null;
    //CertificateFactory cf = CertificateFactory.getInstance("X.509");

    try {
        fis = new java.io.FileInputStream("C:\\MyCerts\\dev_HubExplorer1.pfx");
        ks.load(fis, password);
        //caCert = (X509Certificate)cf.generateCertificate(fis);
        //ks.setCertificateEntry("caCert", caCert);
    } catch (Exception e) {
        Common.screenPrint("Exception while importing certificate:%s%s", Common.CRLF, e.getMessage());
    } finally {
        if (fis != null) {
            fis.close();
        }
    }       

    tmf.init(ks);

    //TODO (GWL) Need to get this from a configuration file/db.
    SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
    sslContext.init(null, tmf.getTrustManagers(), new java.security.SecureRandom());

    URL url = new URL(_publicRecordURL);
    HttpsURLConnection httpConn = (HttpsURLConnection) url.openConnection();
    httpConn.setSSLSocketFactory(sslContext.getSocketFactory());
    byte[] bytes = _requestTemplate.getBytes();

    // Set the appropriate HTTP parameters.
    httpConn.setRequestProperty("Content-Length", String.valueOf( bytes.length ) );
    httpConn.setRequestProperty("Content-Type","text/xml; charset=utf-8");
    httpConn.setRequestProperty("SOAPAction",_soapAction);
    httpConn.setRequestProperty("Accept","text/xml");
    httpConn.setRequestMethod( "POST" );
    httpConn.setDoOutput(true);
    httpConn.setDoInput(true);

    //Everything's set up; send the XML that was read in to b.
    OutputStreamWriter writer = new OutputStreamWriter(httpConn.getOutputStream());
    writer.write(_requestTemplate);
    writer.flush();

    //Read the response and write it to standard out.
    InputStreamReader isr = new InputStreamReader(httpConn.getInputStream());
    BufferedReader in = new BufferedReader(isr);

    String inputLine;

    while ((inputLine = in.readLine()) != null) {
        retVal.append(inputLine + Common.CRLF);
        System.out.println(inputLine);
    }

    in.close();

    return retVal.toString();
}

您可以按照以下

stackoverflow

答案获得此问题的解决方案：

已经尝试过，但似乎无法让其接受证书。。我知道证书与密码一起工作，因为我在.NET中使用它连接到相同的服务，没有问题。keytool-import-alias-example-keystore C:\Program Files（x86）\Java\jre1.8.0\u 131\lib\security\cacerts-file dev_HubExplorer1.pfxI显然可以搜索，但他们的解决方案不起作用，4小时后，我正在寻找帮助。keytool错误：Java.lang.Exception：输入的不是X.509证书