解决Springboot发起https请求报错:sun.sec urity.validator.ValidatorException: PKIX path building failed

问题描述

最近开发项目中在springboot接口中调用第三方https接口,后台日志报错:
sun.sec urity.validator.ValidatorException: PKIX path building failed
意思就是非安全的调用,java不认识这个接口证书。

报错原因

java security仓库中没有这个第三方站点的SSL证书,调用失败。

解决方案

方案一: 手动导入网站证书到java security库

弊端:换了一个SSL证书有需要导入一次,很麻烦。不推荐。
可参考我另一篇文章:
https://blog.csdn.net/IndexMan/article/details/128658805

方案二:彻底解决,一劳永逸

新增工具类

import javax.net.ssl.*;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
/**
 * java security信任SSL证书工具类
 */
public class SslUtils {
    private static void trustAllHttpsCertificates() throws Exception {
        TrustManager[] trustAllCerts = new TrustManager[1];
        TrustManager tm = new miTM();
        trustAllCerts[0] = tm;
        SSLContext sc = SSLContext.getInstance("SSL");
        sc.init(null, trustAllCerts, null);
        HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
    }
 
    static class miTM implements TrustManager,X509TrustManager {
        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }
 
        public boolean isServerTrusted(X509Certificate[] certs) {
            return true;
        }
 
        public boolean isClientTrusted(X509Certificate[] certs) {
            return true;
        }
 
        public void checkServerTrusted(X509Certificate[] certs, String authType)
                throws CertificateException {
            return;
        }
 
        public void checkClientTrusted(X509Certificate[] certs, String authType)
                throws CertificateException {
            return;
        }
    }
     
    /**
     * 忽略HTTPS请求的SSL证书
     */
    public static void ignoreSsl() throws Exception{
        HostnameVerifier hv = new HostnameVerifier() {
            public boolean verify(String urlHostName, SSLSession session) {
                return true;
            }
        };
        System.out.println("已忽略HTTPS请求的SSL证书!");
        trustAllHttpsCertificates();
        HttpsURLConnection.setDefaultHostnameVerifier(hv);
    }
}

在启动类中调用工具类

@SpringBootApplication
public class WebApplication {

    public static void main(String[] args) {
        SpringApplication.run(WebApplication .class, args);
    }
    // 调用工具类中的方法
    @PostConstruct
    public void run() throws Exception{
        SslUtils.ignoreSsl();
    }
}
posted @ 2024-01-16 21:11  一锤子技术员  阅读(1099)  评论(0编辑  收藏  举报  来源