sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
方案一:
添加这个JVM选项解决了这个问题:-Dcom.sun.security.enableAIAcaIssuers=true
或在代码添加一行代码: System.setProperty("com.sun.security.enableAIAcaIssuers", "true");
方案二:
设置https 忽略证书设置:
X509TrustManager xtm = new X509TrustManager() {
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}
@Override
public X509Certificate[] getAcceptedIssuers() {
// TODO Auto-generated method stub
return null;
}
};
SSLContext sslContext = null;
try {
sslContext = SSLContext.getInstance("SSL");
sslContext.init(null, new TrustManager[]{xtm}, new SecureRandom());
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (KeyManagementException e) {
e.printStackTrace();
}
okHttpClient.setConnectTimeout(TIMEOUT, TimeUnit.SECONDS);
okHttpClient.setWriteTimeout(TIMEOUT, TimeUnit.SECONDS);
okHttpClient.setReadTimeout(TIMEOUT, TimeUnit.SECONDS);
okHttpClient.setHostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String arg0, SSLSession arg1) {
return true;
}}).setSslSocketFactory(sslContext.getSocketFactory());
方案3:直接导证书
keytool -–importcert -file c:\EM.crt -keystore D:\jdk1.8.0_131\jre\lib\security\cacerts -alias "Cert" -storepass changeit
