时间戳

首页 > 解决方案 > PKIX 路径构建失败:我无法修复它请为我们提供一些解决方案

java - PKIX 路径构建失败:我无法修复它请为我们提供一些解决方案

问题描述

我只有.p12文件要调用,当我们被邮递员使用时它工作正常,我们想通过java代码或springboot rest模板调用

    KeyStore clientStore = KeyStore.getInstance("PKCS12");
    clientStore.load(new FileInputStream("/Users/sagir/Downloads/rest-api/src/main/resources/loudcloud-test.p12"),
            "rudaN9YzjKwge5gu".toCharArray());

    KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
    kmf.init(clientStore, "rudaN9YzjKwge5gu".toCharArray());
    KeyManager[] kms = kmf.getKeyManagers();

    KeyStore trustStore = KeyStore.getInstance("PKCS12");
    trustStore.load(
            new FileInputStream(
                    "/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/jre/lib/security/cacerts"),
            "changeit".toCharArray());

    TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    tmf.init(trustStore);
    TrustManager[] tms = tmf.getTrustManagers();

    SSLContext sslContext = null;
    sslContext = SSLContext.getInstance("TLS");
    sslContext.init(kms, tms, new SecureRandom());

    HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory());
    URL url = new URL(null, "url",
            new sun.net.www.protocol.https.Handler());

    HttpURLConnection myURLConnection = (HttpURLConnection) url.openConnection();

标签: javaspring-bootssl

解决方案

您没有要导入的X.509 证书,您有PKCS#12 -keystore,因此您的命令应如下所示:

keytool -importkeystore -v -srckeystore /home/mdsager/Downloads/spring-batch-demo/src/main/resources/loudcloud-test.p12 -srcstoretype PKCS12 -destkeystore  /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/security/cacerts -deststoretype JCEKS

推荐阅读