java ldap ssl_LdapTemplate忽略ssl证书

一、背景

最近做JAVA的LDAP操作,使用的是Spring的LdapTemplate,基本上一个bean注入就完成了LdapTemplate的初始化,正常连接389端口,现在要要试一下HTTPS的连接方式

spring.ldap:

urls: ldap://ip:389

base: dc=xxx,dc=com

username: xxx

password: xxx

@Bean

public LdapTemplate firstLdapTemplate() {

LdapContextSource contextSource = new LdapContextSource();

contextSource.setUrl(url);

contextSource.setBase(base);

contextSource.setUserDn(username);

contextSource.setPassword(password);

contextSource.setPooled(false);

contextSource.afterPropertiesSet(); // important

LdapTemplate template = new LdapTemplate(contextSource);

return template;

}

二、采坑

把urls改成了:ldaps://xxx:636,启动报错,收到了如下错误:

Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)

at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1884)

at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276)

at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270)

at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1341)

at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:153)

at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868)

at sun.security.ssl.Handshaker.process_record(Handshaker.java:804)

at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016)

at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312)

at sun.security.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:882)

at sun.security.ssl.AppInputStream.read(AppInputStream.java:102)

at java.io.BufferedInputStream.fill(BufferedInputStream.java:235)

at java.io.BufferedInputStream.read1(BufferedInputStream.jav

你可能感兴趣的:(java,ldap,ssl)