证书异常 Websphere 应用程序
Certificate Exception Websphere Application
我们正在尝试从 Solaris 主机连接到 websphere 上托管的应用程序,已在 JVM 托管应用程序上配置密钥库。
当我们尝试从远程主机访问时出现问题,它给出以下异常
Connecting to Authorization Gateway at https://gde_poc_crdh.service.anz:443/ag-dev...
Error connecting to Authorization Gateway: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Caused by:sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Caused by:sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
我们已尝试从 JVM 密钥库中提取证书并添加到主机密钥库,但它不起作用。
如何解决这个问题?
您必须在客户端 JRE(信任库)的白名单中包含服务器 public 证书
选项
1) 在 JRE trustore 中包含服务器证书 (jre/lib/security/cacerts)(不推荐)
2) 使用您自己的信任库并包含服务器证书(推荐)
System.setProperty ("javax.net.ssl.trustStore", path_to_your_trustore_jks_file);
System.setProperty ("javax.net.ssl.trustStorePassword", "password");
3) 禁用 trustStore 验证设置您自己的 TrustManager(完全不推荐)
查看详情
我们正在尝试从 Solaris 主机连接到 websphere 上托管的应用程序,已在 JVM 托管应用程序上配置密钥库。
当我们尝试从远程主机访问时出现问题,它给出以下异常
Connecting to Authorization Gateway at https://gde_poc_crdh.service.anz:443/ag-dev...
Error connecting to Authorization Gateway: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Caused by:sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Caused by:sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
我们已尝试从 JVM 密钥库中提取证书并添加到主机密钥库,但它不起作用。
如何解决这个问题?
您必须在客户端 JRE(信任库)的白名单中包含服务器 public 证书
选项
1) 在 JRE trustore 中包含服务器证书 (jre/lib/security/cacerts)(不推荐)
2) 使用您自己的信任库并包含服务器证书(推荐)
System.setProperty ("javax.net.ssl.trustStore", path_to_your_trustore_jks_file);
System.setProperty ("javax.net.ssl.trustStorePassword", "password");
3) 禁用 trustStore 验证设置您自己的 TrustManager(完全不推荐)
查看详情