在eclipse Neon上安装aws toolkit时如何解决连接问题?
How to solve the connection when install aws toolkit on eclipse Neon?
我在公司,需要设置代理才能上网。代理设置没问题,因为我可以连接到其他网站,例如霓虹灯 - http://download.eclipse.org/releases/neon, but not for http://aws.amazon.com/eclipse.
错误信息是:
Unable to read repository at
https://aws.amazon.com/eclipse/content.xml. Unable to read repository
at https://aws.amazon.com/eclipse/content.xml.
sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target.
具体堆栈为:
javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Unknown Source)
at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)
at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
at sun.security.ssl.Handshaker.processLoop(Unknown Source)
at sun.security.ssl.Handshaker.process_record(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at org.apache.http.conn.ssl.SSLSocketFactory.createLayeredSocket(SSLSocketFactory.java:554)
at org.apache.http.conn.ssl.SSLSocketFactory.createLayeredSocket(SSLSocketFactory.java:435)
at org.apache.http.impl.conn.DefaultClientConnectionOperator.updateSecureConnection(DefaultClientConnectionOperator.java:216)
at org.apache.http.impl.conn.ManagedClientConnectionImpl.layerProtocol(ManagedClientConnectionImpl.java:394)
at org.apache.http.impl.client.DefaultRequestDirector.establishRoute(DefaultRequestDirector.java:814)
at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:615)
at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:446)
at org.apache.http.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:863)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
at org.eclipse.ecf.provider.filetransfer.httpclient4.HttpClientFileSystemBrowser.runRequest(HttpClientFileSystemBrowser.java:263)
at org.eclipse.ecf.provider.filetransfer.browse.AbstractFileSystemBrowser$DirectoryJob.run(AbstractFileSystemBrowser.java:69)
at org.eclipse.core.internal.jobs.Worker.run(Worker.java:55)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
at sun.security.validator.Validator.validate(Unknown Source)
at sun.security.ssl.X509TrustManagerImpl.validate(Unknown Source)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown
Source)
... 20 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.build(Unknown
Source)
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown
Source)
at java.security.cert.CertPathBuilder.build(Unknown Source)
... 26 more
尝试将 Window/Preferences/Network 设置从原生更改为直接。
使用 "eclipse.exe -clean" 从 CLI 启动 eclipse
重试更新
这是因为 java 无法识别 https://aws.amazon.com 的根证书颁发机构 (CA) SSL 证书。
解决方案是将该证书添加到 java cacerts 文件,以便永久接受它。
第 1 步:获取 https://aws.amazon.com
的根证书
CHROME 浏览器
- 打开https://aws.amazon.com
- Select 从上下文菜单中检查(右键单击页面)并导航到安全选项卡
- 点击查看证书
- 单击层次结构中最顶层的证书并确认它以根 CA 短语结尾。
- 拖放您在桌面上看到的书面证书图像。
FIREFOX 浏览器
- 打开https://aws.amazon.com
- 点击绿色锁定按钮"show certificate"
- 选项卡 "details"、"export"
就是这样!您获得了根证书!
第 2 步:将该证书添加到 java cacerts 文件。
- 在你的 jre bin 文件夹中使用 keytool.exe。
- 触发以下命令将您的证书放入 cacerts 文件
keytool –import –noprompt –trustcacerts –alias ALIASNAME -file
/PATH/TO/YOUR/DESKTOP/CertificateName.cer -keystore
/PATH/TO/YOUR/JDK/jre/lib/security/cacerts -storepass changeit
就是这样!你的问题已经解决了。
请注意
- 请确认给您此 PKIX 错误的 jre(部署后由 eclipse 或您的应用程序使用的 JRE)是您执行步骤 2 的地方。如果您尝试使用另一个 jre 问题,那就是原样.
转到 Eclipse -> Window -> 首选项 -> 网络设置
将活动提供者更改为直接
救球
返回安装软件
再次尝试从 AWS Repo 中提取
这次可以了
只需在eclipse中执行以下步骤,
1) 转到 windows -> 首选项 -> 搜索网络连接
2) 将活动提供商更改为 direct.
然后尝试在eclipse 中安装软件并搜索http://aws.amazon.com/eclipse。
它会起作用。
我在公司,需要设置代理才能上网。代理设置没问题,因为我可以连接到其他网站,例如霓虹灯 - http://download.eclipse.org/releases/neon, but not for http://aws.amazon.com/eclipse.
错误信息是:
Unable to read repository at https://aws.amazon.com/eclipse/content.xml. Unable to read repository at https://aws.amazon.com/eclipse/content.xml. sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target.
具体堆栈为:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.ssl.Alerts.getSSLException(Unknown Source) at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source) at sun.security.ssl.Handshaker.fatalSE(Unknown Source) at sun.security.ssl.Handshaker.fatalSE(Unknown Source) at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source) at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source) at sun.security.ssl.Handshaker.processLoop(Unknown Source) at sun.security.ssl.Handshaker.process_record(Unknown Source) at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source) at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source) at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source) at org.apache.http.conn.ssl.SSLSocketFactory.createLayeredSocket(SSLSocketFactory.java:554) at org.apache.http.conn.ssl.SSLSocketFactory.createLayeredSocket(SSLSocketFactory.java:435) at org.apache.http.impl.conn.DefaultClientConnectionOperator.updateSecureConnection(DefaultClientConnectionOperator.java:216) at org.apache.http.impl.conn.ManagedClientConnectionImpl.layerProtocol(ManagedClientConnectionImpl.java:394) at org.apache.http.impl.client.DefaultRequestDirector.establishRoute(DefaultRequestDirector.java:814) at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:615) at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:446) at org.apache.http.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:863) at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82) at org.eclipse.ecf.provider.filetransfer.httpclient4.HttpClientFileSystemBrowser.runRequest(HttpClientFileSystemBrowser.java:263) at org.eclipse.ecf.provider.filetransfer.browse.AbstractFileSystemBrowser$DirectoryJob.run(AbstractFileSystemBrowser.java:69) at org.eclipse.core.internal.jobs.Worker.run(Worker.java:55) Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.validator.PKIXValidator.doBuild(Unknown Source) at sun.security.validator.PKIXValidator.engineValidate(Unknown Source) at sun.security.validator.Validator.validate(Unknown Source) at sun.security.ssl.X509TrustManagerImpl.validate(Unknown Source) at sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source) at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source) ... 20 more Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.provider.certpath.SunCertPathBuilder.build(Unknown Source) at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source) at java.security.cert.CertPathBuilder.build(Unknown Source) ... 26 more
尝试将 Window/Preferences/Network 设置从原生更改为直接。 使用 "eclipse.exe -clean" 从 CLI 启动 eclipse 重试更新
这是因为 java 无法识别 https://aws.amazon.com 的根证书颁发机构 (CA) SSL 证书。
解决方案是将该证书添加到 java cacerts 文件,以便永久接受它。
第 1 步:获取 https://aws.amazon.com
的根证书CHROME 浏览器
- 打开https://aws.amazon.com
- Select 从上下文菜单中检查(右键单击页面)并导航到安全选项卡
- 点击查看证书
- 单击层次结构中最顶层的证书并确认它以根 CA 短语结尾。
- 拖放您在桌面上看到的书面证书图像。
FIREFOX 浏览器
- 打开https://aws.amazon.com
- 点击绿色锁定按钮"show certificate"
- 选项卡 "details"、"export"
就是这样!您获得了根证书!
第 2 步:将该证书添加到 java cacerts 文件。
- 在你的 jre bin 文件夹中使用 keytool.exe。
- 触发以下命令将您的证书放入 cacerts 文件
keytool –import –noprompt –trustcacerts –alias ALIASNAME -file /PATH/TO/YOUR/DESKTOP/CertificateName.cer -keystore /PATH/TO/YOUR/JDK/jre/lib/security/cacerts -storepass changeit
就是这样!你的问题已经解决了。
请注意
- 请确认给您此 PKIX 错误的 jre(部署后由 eclipse 或您的应用程序使用的 JRE)是您执行步骤 2 的地方。如果您尝试使用另一个 jre 问题,那就是原样.
转到 Eclipse -> Window -> 首选项 -> 网络设置 将活动提供者更改为直接 救球 返回安装软件 再次尝试从 AWS Repo 中提取 这次可以了
只需在eclipse中执行以下步骤, 1) 转到 windows -> 首选项 -> 搜索网络连接 2) 将活动提供商更改为 direct.
然后尝试在eclipse 中安装软件并搜索http://aws.amazon.com/eclipse。 它会起作用。