解决unable to find valid certification path to requested target

Java程序使用http组件发起https请求报错

Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
	at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949)
	at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
	at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)
	at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1514)
	at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216)
	at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1026)
	at sun.security.ssl.Handshaker.process_record(Handshaker.java:961)
	at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062)
	at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
	at jodd.http.net.SocketHttpConnectionProvider.createHttpConnection(SocketHttpConnectionProvider.java:43)
	at jodd.http.HttpRequest.open(HttpRequest.java:550)
	... 3 more

这里使用joddhttp简单复现下：

<dependency>
            <groupId>org.jodd</groupId>
            <artifactId>jodd-http</artifactId>
            <version>5.0.13</version>
        </dependency>

public static void main(String[] args) {
        HttpResponse response = HttpRequest.post("https://xxxx.com/test/star/notice").send();
        System.out.println(response.bodyText());
    }

解决方案：
1.jdk导入对方证书
2.针对路径信任所有证书

导入证书：

# 导入
keytool -import -v -trustcacerts -alias star_cert -file d://star.com.cn.crt -storepass changeit -keystore %JAVA_HOME%/jre/lib/security/cacerts
# 查看
keytool -list -v -storepass changeit -keystore %JAVA_HOME%/jre/lib/security/cacerts -alias star_cert
# 删除
keytool -delete -alias star_cert -storepass changeit -keystore %JAVA_HOME%/jre/lib/security/cacerts

信任证书：

public static void main(String[] args) {
        HttpResponse response = HttpRequest.post("https://xxxx.com/test/star/notice").trustAllCerts(true).send();
        System.out.println(response.bodyText());
}