Java
1 前言
一个问题,一篇文章,一出故事。
笔者最近更换服务器的证书后,有的程序连接更换证书后的服务器API后报错,具体错误提示如下,
PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
2 最佳实践
keytool -importcert -alias uc.cmdschool.org -keystore ${JAVA_HOME}/jre/lib/security/cacerts -file wildcard.cmdschool.org.crt
配置向导如下,
Enter keystore password: changeit #... Trust this certificate? [no]: yes Certificate was added to keystore
以上为Java 8的操作,另外如果是Java 11需要使用如下命令,
keytool -importcert -alias uc.cmdschool.org -keystore ${JAVA_HOME}/lib/security/cacerts -file wildcard.cmdschool.org.crt
需要注意的是,
– 输入的“changeit”为“cacerts”证书秘钥库的默认密码
– 导入的“wildcard.cmdschool.org.crt”为SSL证书的公钥
参阅文档
================
https://confluence.atlassian.com/kb/how-to-import-a-public-ssl-certificate-into-a-jvm-867025849.html
https://confluence.atlassian.com/kb/unable-to-connect-to-ssl-services-due-to-pkix-path-building-failed-error-779355358.html
没有评论