OpenJDK和Sun标准JDK导入证书的不同
最近在开发一个项目,需要导入一个网站的证书到JDK。
本地用的是sun的标准JDK 1.8,导入证书到JDK后没问题,可以访问该网站。
但是把代码上传到jenkins服务器跑测试的时候出bug了,服务器那边用的是OpenJDK 8。
bug如下:
16:51:47 burp:javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
16:51:47 burp:at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
16:51:47 burp:at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949)
16:51:47 burp:at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1906)
16:51:47 burp:at sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1889)
16:51:47 burp:at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1410)
16:51:47 burp:at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
16:51:47 burp:at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:394)
16:51:47 burp:at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:353)
16:51:47 burp:at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:141)
16:51:47 burp:at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:353)
16:51:47 burp:at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:380)
16:51:47 burp:at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)
16:51:47 burp:at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:184)
16:51:47 burp:at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:88)
16:51:47 burp:at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
16:51:47 burp:at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:184)
16:51:47 burp:at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
16:51:47 burp:at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:107)
16:51:47 burp:at com.sap.sme.sec.dynamic.simulator.SamlLoginHandlerImpl.login(SamlLoginHandlerImpl.java:66)
16:51:47 burp:at com.sap.sme.sec.dynamic.scanner.LoginManager.LoginSystemInternal(LoginManager.java:46)
16:51:47 burp:at burp.BurpExtender.setCommandLineArgs(BurpExtender.java:109)
16:51:47 burp:at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
16:51:47 burp:at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
16:51:47 burp:at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
16:51:47 burp:at java.lang.reflect.Method.invoke(Method.java:498)
16:51:47 burp:at burp.l0g.run(Unknown Source)
16:51:47 burp:at java.lang.Thread.run(Thread.java:745)'
查看了OpenJDK的证书链,根证书也都在。。。不知道为啥会这样。。