Securing a web service: valid SSL key, error "ValidatorException: PKIX path building failed"

Posted on 2024-08-08 08:13:44

I want to secure a web service using Netbeans with the mechanism "Message Authentication over SSL", and I did everything that the Netbeans documentation and the Sun WSIT tutorial say to do. I also imported the generated SSL key into the client JRE, but when I run the client code, I still get this error:

Failed to access the WSDL at: https://localhost:8443/SecureWebService?wsdl. It failed with: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target.

Can someone help me, please?

Comments (2)

只是偏爱你 2024-08-15 08:13:45

Looks as if the client isn't able to validate the whole certificate path. Is the client certificate self-signed? Might be that your certificate authority is unknown. If this is the problem, you may import your CA's public key using this script:

#!/bin/bash

# path to your cacerts file
CACERTS="/etc/java-6-sun/security/cacerts"
# sun's default password - change if necessary
CACERTSPASS="changeit"

# change this
ALIAS="myAlias"
CERTPATH="/path/to/ca.der"

# import the CA certificate only if the alias is not already listed
# (-i because keytool lists aliases in lower case)
if [ "$(keytool -list -keystore "$CACERTS" -storepass "$CACERTSPASS" | grep -ci -- "$ALIAS")" -gt 0 ]; then
    echo already installed
else
    keytool -import -keystore "$CACERTS" -storepass "$CACERTSPASS" -alias "$ALIAS" -file "$CERTPATH"
fi

You may use the keytool commands on Windows machines as well.

溺孤伤于心 2024-08-15 08:13:45

You can try replacing the keytool command in sfussenegger's script with:

keytool -import -keystore "$CACERTS" -storepass "$CACERTSPASS" -alias "$ALIAS" -file "$CERTPATH" -trustcacerts

Then the script would import your self-signed certificate into the root keystore as a trusted CA certificate, which would provide a valid certification path to verify the identity of the server.
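
A variant of the import discussed in the two answers above, as an added example that is not part of either answer: it checks the certificate's SHA-256 fingerprint against a value obtained out of band before trusting it, and imports into a dedicated client truststore rather than the JRE-wide cacerts. The function names, file names and alias are hypothetical, and the sample certificate is constructed for the demonstration.

```shell
#!/bin/bash
# Added example (not from the answers above). File names, aliases and the
# function names are hypothetical; the sample certificate is constructed.

# Print the SHA-256 fingerprint keytool reports for a DER or PEM certificate.
cert_fingerprint() {
    keytool -printcert -file "$1" 2>/dev/null |
        sed -n 's/^[[:space:]]*SHA256:[[:space:]]*//p' | head -n 1
}

# import_pinned_cert CERT ALIAS STORE STOREPASS EXPECTED_FINGERPRINT
# Imports CERT into a dedicated truststore only when its fingerprint equals
# the value obtained out of band. Returns 1 on mismatch.
import_pinned_cert() {
    local cert="$1" alias="$2" store="$3" pass="$4" expected="$5" actual
    actual=$(cert_fingerprint "$cert")
    if [ -z "$actual" ] || [ "$actual" != "$expected" ]; then
        echo "refusing import: fingerprint '$actual' does not match" >&2
        return 1
    fi
    # "keytool -list -alias" exits non-zero when the alias is absent, which
    # avoids the substring and case pitfalls of grepping the full listing.
    if [ -f "$store" ] && keytool -list -keystore "$store" \
            -storepass "$pass" -alias "$alias" >/dev/null 2>&1; then
        echo "already installed"
        return 0
    fi
    keytool -importcert -noprompt -keystore "$store" -storepass "$pass" \
        -alias "$alias" -file "$cert" >/dev/null 2>&1
}

# Create a constructed self-signed certificate for CN=localhost in DIR.
make_sample_cert() {
    keytool -genkeypair -alias demo -keyalg RSA -keysize 2048 -validity 30 \
        -dname "CN=localhost" -keystore "$1/server.p12" -storetype PKCS12 \
        -storepass changeit -keypass changeit >/dev/null 2>&1 </dev/null &&
    keytool -exportcert -alias demo -keystore "$1/server.p12" \
        -storepass changeit -file "$1/server.der" >/dev/null 2>&1
}

# Point the client JVM at the dedicated store instead of editing cacerts:
#   java -Djavax.net.ssl.trustStore=client-truststore \
#        -Djavax.net.ssl.trustStorePassword=changeit ...
```

Trusting a self-signed certificate this way limits the trust decision to the one client that needs it; a certificate added to cacerts is trusted as an issuer by every application running on that JRE.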
