java OpenJDK 10拒绝所有SSL证书

kcrjzv8t  于 2023-05-21  发布在  Java
关注(0)|答案(2)|浏览(299)

安装OpenJDK 10我所做的只是解压它,设置PATH变量和JAVA_HOME变量。
Java甚至拒绝了www.example.com的证书google.de(以及我尝试的所有其他证书)。我通过一些尝试连接的虚拟类测试了这一点。结果是:

C:\Users\Alexander\Downloads>java SSLPoke google.de 443
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at java.base/sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385)
        at java.base/sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:290)
        at java.base/sun.security.validator.Validator.validate(Validator.java:264)
        at java.base/sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:343)
        at java.base/sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:226)
        at java.base/sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:133)
        at java.base/sun.security.ssl.ClientHandshaker.checkServerCerts(ClientHandshaker.java:1947)
        at java.base/sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1777)
        at java.base/sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:264)
        at java.base/sun.security.ssl.Handshaker.processLoop(Handshaker.java:1098)
        at java.base/sun.security.ssl.Handshaker.processRecord(Handshaker.java:1026)
        at java.base/sun.security.ssl.SSLSocketImpl.processInputRecord(SSLSocketImpl.java:1137)
        at java.base/sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1074)
        at java.base/sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:973)
        at java.base/sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1402)
        at java.base/sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:733)
        at java.base/sun.security.ssl.AppOutputStream.write(AppOutputStream.java:67)
        at java.base/sun.security.ssl.AppOutputStream.write(AppOutputStream.java:81)
        at SSLPoke.main(SSLPoke.java:31)
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at java.base/sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
        at java.base/sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
        at java.base/java.security.cert.CertPathBuilder.build(CertPathBuilder.java:297)
        at java.base/sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380)
        ... 18 more

在网上找到了很多如何向java添加特殊证书的方法,但我认为在我的java安装中总的来说有些问题。
所以我的问题是什么会导致这样的事情???

Java

2条答案

按热度按时间
mwg9r5ms

mwg9r5ms1#

您应该在cacerts密钥库中验证根证书。该文件存储在JAVA_HOME/jre/lib/security/cacerts(或较新的Java版本中的JAVA_HOME/lib/security/cacerts)中。根据OpenJDK 10 Now Includes Root CA Certificates的帖子,你可以使用keytool命令来计算它们:

>jdk-10\bin\keytool -cacerts -list | find "Certificate" /c
Enter keystore password:  changeit
80

很可能您的Java安装已损坏,您应该重新安装。请注意,OpenJDK是由多个供应商提供的,并且您可能正在使用不安装根证书的安装程序。

赞(0)分享  回复(0)举报  2023-05-21
8ftvxx2r

8ftvxx2r2#

最后我安装了OracleJDK10(也是10.0.2),并且可以正常工作

C:\Users\Alexander\Downloads>java "SSLPoke" google.de 443
Successfully connected
赞(0)分享  回复(0)举报  2023-05-21
我来回答

相关问题

    查看更多

    热门标签

    更多
    JavaquerypythonNode开发语言requestUtil数据库Table后端算法LoggerMessageElementParser

    最新问答

    更多
    • 蜀ICP备13028337号-1 大数据知识库 https://www.saoniuhuo.com © All rights reserved
    • 本站内容来源互联网,如果侵犯您的权益请联系我们删除, 联系方式:448109455@qq.com