“无法找到要求目标的有效认证路径”当我向网址发布https请求时
问题描述:
我已经完成了在本地Tomcat中配置SSL。
当我调用getOutputStream()
I have completed configuring SSL in my local Tomcat.
And the exception was thrown when I call getOutputStream()
public static InputStream send( String uri, Map<String, String> queryString,
Map<String, String> headers, String method, String reqBody) throws IOException
{
String body = (reqBody != null ? reqBody : "");
//URL myURL = new URL(addUrlParam(uri, queryString));
URL myURL = new URL(uri);
HttpURLConnection httpConn = (HttpURLConnection)myURL.openConnection();
httpConn.setRequestMethod(method);
httpConn.setRequestProperty("Content-Length", String.valueOf(body.toString().getBytes().length));
if ( headers != null ) {
for ( String key : headers.keySet() ) {
httpConn.setRequestProperty(key, headers.get(key));
}
}
httpConn.setDoInput(true);
//POST
if (!HTTP_GET.equals(method) || body.length() > 0) {
httpConn.setDoOutput(true);
httpConn.setUseCaches(false); //POST do not use user caches
***httpConn.getOutputStream().write(body.toString().getBytes());***
httpConn.getOutputStream().flush();
}
return httpConn.getInputStream();
}
如何解决问题?
提前感谢!
答
Java需要有一个已知根CA的认证路径。如果您尝试访问具有自签名证书的站点,则需要将自签名证书的CA密钥作为CA密钥添加到密钥库中。假设您的CA证书在文件 cacert.pem 中,请使用 keytool ,如下所示:
Java requires a valid certification path to a known root CA. If you are trying to access a site with a self-signed certificate you will need to add the CA key for the self-signed cert to your keystore as a CA key. Assuming your CA certificate is in a file cacert.pem, use keytool as follows:
keytool -importcert -file cacert.pem -keystore client.jks -storepass some-password