hexingqing
2010-10-19 17:23
浏览 1.5k
已采纳

CAS配置问题:SunCertPathBuilderException: unable to find valid certification path to

我在机器上增加了一个127.0.0.1 www.test.com 的映射。并且生成、导入了证书。
我生成的keystoreFile 在目录C:/Documents and Settings/hexing/.keystor下。
cacerts文件在E:/Program Files/Java1.6/jre/lib/security/cacerts目录下。
Tomcat中server.xml问价添加内容:
port="8443" minSpareThreads="5" maxSpareThreads="75"
enableLookups="true" disableUploadTimeout="true"
acceptCount="100" maxThreads="200"
scheme="https" secure="true" SSLEnabled="true"
keystoreFile="C:/Documents and Settings/hexing/.keystore" keystorePass="changeit"
truststoreFile="E:/Program Files/Java1.6/jre/lib/security/cacerts"
clientAuth="false" sslProtocol="TLS"/>
CAS—server版本:3.4.3
CAS-client版本:
JDK版本:1.6.0
Tomcat版本:6.0
当我用一个例子去登陆时,可以打开CAS的登陆页面。但是只要填入用户名密码登陆就报错,请问怎么解决:[/size][/size]
sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
at java.security.cert.CertPathBuilder.build(Unknown Source)
at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
at sun.security.validator.Validator.validate(Unknown Source)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(Unknown Source)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
at edu.yale.its.tp.cas.util.SecureURL.retrieve(SecureURL.java:84)
at edu.yale.its.tp.cas.client.ServiceTicketValidator.validate(ServiceTicketValidator.java:212)
at edu.yale.its.tp.cas.client.CASReceipt.getReceipt(CASReceipt.java:50)
at edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser(CASFilter.java:455)
at edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:378)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.struts2.dispatcher.FilterDispatcher.doFilter(FilterDispatcher.java:413)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:104)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:261)
at org.apache.coyote.http11.Http11AprProcessor.process(Http11AprProcessor.java:852)
at org.apache.coyote.http11.Http11AprProtocol$Http11ConnectionHandler.process(Http11AprProtocol.java:584)
at org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:1508)
at java.lang.Thread.run(Unknown Source)

  • 写回答
  • 好问题 提建议
  • 关注问题
  • 收藏
  • 邀请回答

3条回答 默认 最新

  • iteye_19165 2010-10-19 22:19
    已采纳

    请确认客户端所使用的jdk,应将证书导入到程序执行时真正使用的jdk中。

    已采纳该答案
    评论
    解决 无用
    打赏 举报
  • chen_fei123 2019-12-19 14:54

    我将证书导入使用的jdk中还是不行,客户端仍然报错Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

    评论
    解决 无用
    打赏 举报
  • dragonzoebai 2021-05-12 17:24

    比如你生成的证书在C:/Java/jdk1.8.0_101/jre/lib/security/cacerts,而开发环境配置的jdk却是C:\Java\jre1.8.0_101,使用的jdk不一致导致错误。

    评论
    解决 无用
    打赏 举报

相关推荐 更多相似问题