SunCertPathBuilderException:要求されたターゲットへの有効な証明書パスを見つけることができません

問題

https/[SSLをサポートするTomcat]を展開し、このリンクをデプロイしました://webservices/jax-ws/jax-ws-hello- world-example/[Webサービス]を開発用のTomcatサーバー上に作成します。次のURLからSSL接続を介してデプロイされたWebサービスに接続している間:

" https://localhost:8443/HelloWorld/hello?wsdl "、それはヒットします

javax.net.ssl.SSLHandshakeException:
   sun.security.validator.ValidatorException: PKIX path building failed:
   sun.security.provider.certpath.SunCertPathBuilderException:
   unable to find valid certification path to requested target

Caused by: sun.security.validator.ValidatorException:
   PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException:
   unable to find valid certification path to requested target

Caused by: sun.security.provider.certpath.SunCertPathBuilderException:
   unable to find valid certification path to requested target

解決策

この問題と解決策の原因は、このhttp://blogs.sun.com/andreas/entry/no more unable to find粒子に詳しく説明されています。

以下は同じソリューションですが、私の開発環境でデモンストレーションしています:)

1. InstallCert.javaを入手する

http://blogs.sun.com/andreas/resource/InstallCert.javaから `InstallCert.java`ファイルを入手してください。

2.信頼できるキーストアを追加する

あなたのホスト名とhttpsポートで `InstallCert.java`を実行し、入力を求めるときは「 1 」を押してください。 "localhost"を信頼できるキーストアとして追加し、 " jssecacerts "という名前のファイルを生成します。

C:\>java InstallCert localhost:8443
Loading KeyStore C:\Program Files\Java\jre6\lib\security\cacerts...
Opening connection to localhost:8443...
Starting SSL handshake...

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.
provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source)
        at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
        at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
        at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown Source)
        at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
        at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
        at com.sun.net.ssl.internal.ssl.Handshaker.process__record(Unknown Source)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
        at InstallCert.main(InstallCert.java:87)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertP
athBuilderException: unable to find valid certification path to requested target
        at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
        at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
        at sun.security.validator.Validator.validate(Unknown Source)
        at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(Unknown Source)
        at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
        at InstallCert$SavingTrustManager.checkServerTrusted(InstallCert.java:182)
        ... 9 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to reques
ted target
        at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
        at java.security.cert.CertPathBuilder.build(Unknown Source)
        ... 15 more

Server sent 1 certificate(s):

 1 Subject CN=yong mook kim, OU=mkyong, O=mkyong, L=puchong, ST=PJ, C=my
   Issuer  CN=yong mook kim, OU=mkyong, O=mkyong, L=puchong, ST=PJ, C=my
   sha1    32 3e 15 42 96 ba e9 4d 9c 5d e7 5e 6b 0f 30 23 b4 e3 f4 98
   md5     c8 dd a1 af 9f 55 a0 7f 6e 98 10 de 8c 63 1b a5

Enter certificate to add to trusted keystore or 'q' to quit:[1]1
[[  Version: V3
  Subject: CN=yong mook kim, OU=mkyong, O=mkyong, L=puchong, ST=PJ, C=my
  Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5

  Key:  Sun RSA public key, 1024 bits
  modulus: 1129473579651954554552730664834664064459539051598864058082387115962631728819634110255367718769683451438528187
923246533854744470790959477657386037636238098777089479256059697784394926741427654735994678054030193662669088404706890444
59364523220747231216704221781747262219695262340353839314222273672957748320603247
  public exponent: 65537
  Validity:[From: Tue Dec 14 15:13:51 SGT 2010,
               To: Mon Mar 14 15:13:51 SGT 2011]  Issuer: CN=yong mook kim, OU=mkyong, O=mkyong, L=puchong, ST=PJ, C=my
  SerialNumber:[   4d07192f]]  Algorithm:[SHA1withRSA]  Signature:
0000: 38 E4 F4 D9 51 B1 5F C1   01 13 32 79 DE 97 26 58  8...Q.__...2y..&X
0010: 13 08 F1 A0 33 DB B9 90   AF EE 9E AE B9 9B 68 7D  ....3.........h.
0020: DF E8 7D 79 9D 92 24 4A   76 C9 4C 28 DA 68 B0 62  ...y..$Jv.L(.h.b
0030: FF AB 27 03 5C DD 1F C8   77 A2 25 18 DF 0C DC FD  ..'.\...w.%.....
0040: D3 39 5D 18 B4 BA 4B 36   8C FD C5 80 FF F2 E3 4D  .9]...K6.......M
0050: 0A 28 57 B9 04 D8 25 F6   FB CA DA 13 0C 36 FB 02  .(W...%......6..
0060: 9A B3 B1 28 46 D1 8E C7   D9 1A 5B CE BB A6 6F FD  ...(F.....[...o.
0070: 6D F2 35 D9 95 43 6E 38   2A 56 E7 31 21 D9 F0 90  m.5..Cn8** V.1!...
]
Added certificate to keystore 'jssecacerts' using alias 'localhost-1'

3.信頼できるキーストアを確認する

`InstallCert`コマンドをもう一度実行してみてください。接続は今すぐOKです。

C:\>java InstallCert localhost:8443
Loading KeyStore jssecacerts...
Opening connection to localhost:8443...
Starting SSL handshake...

No errors, certificate is already trusted

Server sent 1 certificate(s):

 1 Subject CN=yong mook kim, OU=mkyong, O=mkyong, L=puchong, ST=PJ, C=my
   Issuer  CN=yong mook kim, OU=mkyong, O=mkyong, L=puchong, ST=PJ, C=my
   sha1    32 3e 15 42 96 ba e9 4d 9c 5d e7 5e 6b 0f 30 23 b4 e3 f4 98
   md5     c8 dd a1 af 9f 55 a0 7f 6e 98 10 de 8c 63 1b a5

Enter certificate to add to trusted keystore or 'q' to quit:[1]q
KeyStore not changed

C:\>

4.コピーjssecacerts

生成された " jssecacerts "ファイルを " $ JAVA__HOME \ jre \ lib \ security "フォルダにコピーします。

5.完了

Webサービスクライアントをもう一度実行すると、今すぐ動作するはずです。

次の投稿:java.lang.ClassNotFoundException:com.sun.xml.ws.transport.http.servlet.WSServletContextListener