【cas、tomcat】SunCertPathBuilderException: unable to find valid certification path to requested target
2015-12-31 14:55
701 查看
异常栈:
HTTP Status 500 - javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested targettype Exception report
message javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
description The server encountered an internal error that prevented it from fulfilling this request.
exception
java.lang.RuntimeException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:407) org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:45) org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:200) org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:206) org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:161) org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:100)
root cause
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target sun.security.ssl.Alerts.getSSLException(Alerts.java:192) sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1904) sun.security.ssl.Handshaker.fatalSE(Handshaker.java:279) sun.security.ssl.Handshaker.fatalSE(Handshaker.java:273) sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1446) sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:209) sun.security.ssl.Handshaker.processLoop(Handshaker.java:913) sun.security.ssl.Handshaker.process_record(Handshaker.java:849) sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1023) sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332) sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359) sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343) sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559) sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1301) sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254) org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:393) org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:45) org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:200) org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:206) org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:161) org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:100)
root cause
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385) sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292) sun.security.validator.Validator.validate(Validator.java:260) sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326) sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231) sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126) sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1428) sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:209) sun.security.ssl.Handshaker.processLoop(Handshaker.java:913) sun.security.ssl.Handshaker.process_record(Handshaker.java:849) sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1023) sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332) sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359) sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343) sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559) sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1301) sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254) org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:393) org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:45) org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:200) org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:206) org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:161) org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:100)
root cause
sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196) java.security.cert.CertPathBuilder.build(CertPathBuilder.java:268) sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380) sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292) sun.security.validator.Validator.validate(Validator.java:260) sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326) sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231) sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126) sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1428) sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:209) sun.security.ssl.Handshaker.processLoop(Handshaker.java:913) sun.security.ssl.Handshaker.process_record(Handshaker.java:849) sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1023) sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332) sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359) sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343) sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559) sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1301) sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254) org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:393) org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:45) org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:200) org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:206) org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:161) org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:100)
note The full stack trace of the root cause is available in the Apache Tomcat/7.0.65 logs.
Apache Tomcat/7.0.65
原因:
本地证书和server端证书不一致。参考:http://stackoverflow.com/questions/7709540/how-to-solve-sun-security-provider-certpath-suncertpathbuilderexception
https://confluence.atlassian.com/display/KB/Unable+to+Connect+to+SSL+Services+due+to+PKIX+Path+Building+Failed http://stackoverflow.com/questions/1828775/how-to-handle-invalid-ssl-certificates-with-apache-httpclient
解决:
将cas-server端证书,放到cas-client的jdk中。
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- session超时设置
- maven 部署一个Java web application到本地(或者远程)的tomcat
- 启动Tomcat提示:指定的服务未安装
- Maven环境下实现Web工程自动部署到Tomcat
- Java Hibernate:调试 Jsp 时重启 Tomcat 以禁用缓存
- Apache 和 Tomcat 的区别与联系
- Tomcat中更改网站根目录和默认页的配置方法
- Tomcat内存溢出的三种情况及解决办法分析
- CentOS 添加配置多个Tomcat
- Tomcat与Jre绿色环境配置(生产环境)
- 加大tomcat的java内存
- 在linux环境下部署tomcat应用+配置优化
- java_tomcat部署
- 【tomcat】Windows下部署多个tomcat容器的问题
- Linux下查看Tomcat的控制台输出信息
- Linux下Tomcat重新启动
- MyEclipse下Tomcat启动变慢的解决方法
- nginx+tomcat绑定域名配置记录
- Tomcat7.0安装配置详细(图文)
- 配置Tomcat