Akka HTTP 客户端抛出 SSLHandshakeException 并且无法找到到请求目标的有效证书路径
Akka HTTP client throws SSLHandshakeException and is unable to find valid certification path to requested target
我知道这是一个常见问题,但找不到 Akka http 客户端的快速解决方案。
我使用 Akka http 客户端向某个内部 https 端点发出请求,我想禁用 SSL,如下所示:
val badSslConfig = AkkaSSLConfig().mapSettings(s => s.withLoose(s.loose.withDisableHostnameVerification(true).withAcceptAnyCertificate(true).withDisableSNI(true)))
val badCtx: HttpsConnectionContext = Http().createClientHttpsContext(badSslConfig)
// or http.setDefaultClientHttpsContext(badCtx)
http.singleRequest(HttpRequest(...), badCtx) .map { ... }
但它一直抛出异常:
Future(Failure(javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target))
谁能帮帮我?
我找到了一个工作示例 here。
val sslContext = {
val permissiveTrustManager: TrustManager = new X509TrustManager() {
override def checkClientTrusted(chain: Array[X509Certificate], authType: String): Unit = {}
override def checkServerTrusted(chain: Array[X509Certificate], authType: String): Unit = {}
override def getAcceptedIssuers(): Array[X509Certificate] = Array.empty
}
val ctx = SSLContext.getInstance("TLS")
ctx.init(Array.empty, Array(permissiveTrustManager), new SecureRandom())
ctx
}
我知道这是一个常见问题,但找不到 Akka http 客户端的快速解决方案。
我使用 Akka http 客户端向某个内部 https 端点发出请求,我想禁用 SSL,如下所示:
val badSslConfig = AkkaSSLConfig().mapSettings(s => s.withLoose(s.loose.withDisableHostnameVerification(true).withAcceptAnyCertificate(true).withDisableSNI(true)))
val badCtx: HttpsConnectionContext = Http().createClientHttpsContext(badSslConfig)
// or http.setDefaultClientHttpsContext(badCtx)
http.singleRequest(HttpRequest(...), badCtx) .map { ... }
但它一直抛出异常:
Future(Failure(javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target))
谁能帮帮我?
我找到了一个工作示例 here。
val sslContext = {
val permissiveTrustManager: TrustManager = new X509TrustManager() {
override def checkClientTrusted(chain: Array[X509Certificate], authType: String): Unit = {}
override def checkServerTrusted(chain: Array[X509Certificate], authType: String): Unit = {}
override def getAcceptedIssuers(): Array[X509Certificate] = Array.empty
}
val ctx = SSLContext.getInstance("TLS")
ctx.init(Array.empty, Array(permissiveTrustManager), new SecureRandom())
ctx
}