Java Azure连接无法连接证书错误

我很难根据Azure的特定租户ID进行身份验证。我使用的代码如下所示：

public abstract class Azure
{
    private final static String GRAPH = "https://graph.windows.net/";
    private Logger objLogger;
    private String strAccessToken;
    private String strTenantID;
    private String strLogin;
    private String strAuthorize;
    private String strGraph;
    private String strApplicationID;
    private String strUsername;
    private String strPassword;
    public String getAccessToken() throws InvalidKeyException, MalformedURLException, ServiceUnavailableException, IllegalBlockSizeException, BadPaddingException, NoSuchAlgorithmException, NoSuchPaddingException, InterruptedException, ExecutionException
    {
        if (this.strAccessToken == null)
        {
            this.setAccessToken();
        }
        return this.strAccessToken;
    }
    private void setAccessToken() throws MalformedURLException, InterruptedException, ExecutionException, ServiceUnavailableException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException, NoSuchAlgorithmException, NoSuchPaddingException
    {
        AuthenticationContext objContext;
        AuthenticationResult objToken;
        ExecutorService objService;
        Future<AuthenticationResult> objFuture;
        objService = null;
        objToken = null;
        try
        {
            objService = Executors.newFixedThreadPool(1);
            objContext = new AuthenticationContext(this.getAuthorize(), false, objService);
            objFuture = objContext.acquireToken(GRAPH, this.getApplicationID(), this.getUsername(), this.getPassword(), null);
            objToken = objFuture.get();
            this.getLogger().info("Connection to Azure ".concat(this.getClass().getSimpleName().toLowerCase()).concat(" successfully stablished"));
        }
        finally
        {
            objService.shutdown();
        }
        if (objToken == null)
        {
            throw new ServiceUnavailableException("Authentication Service is not available");
        }
        this.strAccessToken = objToken.getAccessToken();
    }
    public void setGraph()
    {
        this.strGraph = GRAPH.concat(this.getTenantID());
    }
}

public class Connection1 extends Azure
{
    private static Connection1 objInstance;
    private Connection1() throws ParameterException, IOException, ParserConfigurationException, SAXException
    {
        super();
        this.setTenantID(<Tenant ID>);
        this.setLogin("https://login.microsoftonline.com/".concat(this.getTenantID()));
        this.setAuthorize(this.getLogin().concat("/oauth2/authorize"));
        this.setGraph();
        this.setApplicationID(<Application ID>);
        this.setAccessToken(null);
        this.setUsername(<username>);
        this.setPassword(<password>);
        this.setLogger();
    }
    public static Azure getInstance() throws ParameterException, IOException, ParserConfigurationException, SAXException
    {
        if (objInstance == null)
        {
            objInstance = new Connection1();
        }
        return objInstance;
    }
}

---

这似乎是一个证书错误，所以我在网上进行了一些研究，他们建议将DigiCert Baltimore Root“证书添加到我的证书存储中。证书已经在那里了。您知道我应该如何面对它吗？

仅根据您的错误信息，下面有两个博客可供您参考，以解决此问题

无法找到请求目标的有效认证路径



上面的博客都使用这个工具来提供可以添加到本地密钥库的证书。请遵循GitHub存储库的自述

同时，我只是猜测，我认为一个可能的原因是JVM中证书存储的资源竞争。因此，如果您在JVM实例中运行
Connection1
和
Connection2
，您可以尝试在它们自己的独立JVM实例上分别运行它们，或者尝试复制
JAVA_HOME
目录，并在命令行中设置一个临时
JAVA_HOME
&
PATH
环境变量，以运行另一个
Connection2
，而不与它们共享任何资源。
实际查找问题。我使用了Firefox的TamperData插件，并检查每个重定向以获得所有具有各自证书的站点。似乎在这个特定的租户中发生了一个变化，它不再使用DigiCert Baltimore根目录，而是使用Trust.net根目录

[pool-3-thread-1] ERROR com.microsoft.aad.adal4j.AuthenticationContext - [Correlation ID: 63cc6344-2bc1-4f61-aaa0-a2f07acb172b] Execution of class com.microsoft.aad.adal4j.AcquireTokenCallable failed.
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target