我有一个单页web应用程序(springmcv+jsf(primefaces)+tomca8),运行在 Development-server
,它为从提供者(例如https://stream.xyz.com),一开始我遇到了sslhandshakeexception:
javax.net.ssl.sslhandshakeexception:sun.security.validator.validatorexception:pkix路径生成失败:sun.security.provider.certpath.suncertpathbuilderexception:找不到请求目标的有效证书路径
经过一番研究,我发现了问题所在,我通过导出域证书并手动将其添加到 /jdk/jdk1.8.0_65/jre/lib/security/cacerts
通过一些命令,然后我的问题解决了。
但主要问题是:
我有一个springboot(v1.5.12)应用程序 on production-server it has SSL enabled, I mean that in /resources folder I have a SSLKeystore.p12
包含我的证书但当我运行它时 on development-server(which mentioned webApp exists) SSL configs have been commented
它想再次对同一个域进行api调用,而我现在面临的是 SSLHandshakeException
如上所述。
springboot不使用 cacerts
我在其中添加了域证书的文件?
任何关于如何解决这个问题的想法都将不胜感激!
更新:
经过一些研究,我在项目中添加了这个配置类:
@Configuration
@PropertySource(value = "classpath:SSLConfigs.properties", encoding = "UTF-8")
public class SSLConfig {
@Autowired
private Environment env;
@PostConstruct
private void configureSSL() {
//set to TLSv1.1 or TLSv1.2
System.setProperty("https.protocols", "TLSv1.1");
//load the 'javax.net.ssl.trustStore' and
//'javax.net.ssl.trustStorePassword' from application.properties
System.setProperty("javax.net.ssl.trustStore", env.getProperty("server.ssl.trust-store"));
System.setProperty("javax.net.ssl.trustStorePassword",env.getProperty("server.ssl.trust-store-password"));
}
}
以及属性文件中的这些:
server.ssl.trust-store=classpath:classpath:SSLKeystore.p12
server.ssl.trust-store-password=password
现在我面临一个例外:
原因:java.lang.runtimeexception:意外错误:java.security.invalidalgorithmparameterexception:sun.security.validator.pkixvalidator.(pkixvalidator)处的trustanchors参数必须为非空。java:90)在sun.security.validator.validator.getinstance(validator。java:179)在sun.security.ssl.x509trustmanagerimpl.getvalidator(x509trustmanagerimpl。java:312)在sun.security.ssl.x509trustmanagerimpl.checktrustedinit(x509trustmanagerimpl。java:171)在sun.security.ssl.x509trustmanagerimpl.checktrusted(x509trustmanagerimpl。java:184)在sun.security.ssl.x509trustmanagerimpl.checkservertrusted(x509trustmanagerimpl。java:124)在sun.security.ssl.clienthandshaker.servercertificate(clienthandshaker。java:1491)在sun.security.ssl.clienthandshaker.processmessage(clienthandshaker。java:216)在sun.security.ssl.handshaker.processloop(handshaker。java:979)在sun.security.ssl.handshaker.process\u record(handshaker。java:914)在sun.security.ssl.sslsocketimpl.readrecord(sslsocketimpl。java:1062)在sun.security.ssl.sslsocketimpl.performitialhandshake(sslsocketimpl。java:1375)在sun.security.ssl.sslsocketimpl.startAndShake(sslsocketimpl。java:1403) ... 144其他原因:java.security.invalidalgorithmparameterexception:trustanchors参数在java.security.cert.pkixparameters.settrustanchors(pkixparameters)处必须为非空。java:200)在java.security.cert.pkixparameters。java:120)位于java.security.cert.pkixbuilderparameters.(pkixbuilderparameters。java:104)在sun.security.validator.pkixvalidator.(pkixvalidator。java:88)
暂无答案!
目前还没有任何答案,快来回答吧!