webSocket wss请求提示 unable to find valid certification path to requested target

描述

程序一直在正式环境正常运行,最近发现请求websocket时提示错误
sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

完整错误信息如下:

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: 
PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
        at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949)
        at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
        at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)
        at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1514)
        at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216)
        at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1026)
        at sun.security.ssl.Handshaker.process_record(Handshaker.java:961)
        at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062)
        at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
        at sun.security.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:928)
        at sun.security.ssl.AppInputStream.read(AppInputStream.java:105)
        at java.io.InputStream.read(InputStream.java:101)
        at org.java_websocket.client.WebSocketClient.run(WebSocketClient.java:277)
        at java.lang.Thread.run(Thread.java:745)

解决方法

在构造函数中添加如下代码

		// Create a trust manager that does not validate certificate chains
		TrustManager[] trustAllCerts = new TrustManager[]{new X509TrustManager() {
			public java.security.cert.X509Certificate[] getAcceptedIssuers() {
				return new java.security.cert.X509Certificate[]{};
			}
			public void checkClientTrusted(X509Certificate[] chain,
										   String authType) throws CertificateException {
			}
			public void checkServerTrusted(X509Certificate[] chain,
										   String authType) throws CertificateException {
			}
		}};

完整代码如下

	/**
	 * 构造函数 创建WebSocket链接
	 * 
	 * @param serverURI
	 * @return void
	 */
	public TtsWebSocketClient(URI serverURI) {
		
		super(serverURI);
		
		// Create a trust manager that does not validate certificate chains
		TrustManager[] trustAllCerts = new TrustManager[]{new X509TrustManager() {
			public java.security.cert.X509Certificate[] getAcceptedIssuers() {
				return new java.security.cert.X509Certificate[]{};
			}
			public void checkClientTrusted(X509Certificate[] chain,
										   String authType) throws CertificateException {
			}
			public void checkServerTrusted(X509Certificate[] chain,
										   String authType) throws CertificateException {
			}
		}};
		SSLContext sslContext = null;
		try {
			sslContext = SSLContext.getInstance("TLS");
			//sslContext.init(null, null, null);
			sslContext.init(null, trustAllCerts, new java.security.SecureRandom());

		} catch (NoSuchAlgorithmException e) {
			e.printStackTrace();
		} catch (KeyManagementException e) {
			e.printStackTrace();
		}
		SSLSocketFactory factory = sslContext.getSocketFactory();
		try {
			this.setSocket(factory.createSocket());
		} catch (IOException e) {
			e.printStackTrace();
		}
	}

你可能感兴趣的:(Java)