异常信息
1. `javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification p`
2. `ath to requested target`
3. `at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)`
4. `at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1904)`
5. `at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:279)`
6. `at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:273)`
7. `at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1446)`
8. `at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:209)`
9. `at sun.security.ssl.Handshaker.processLoop(Handshaker.java:901)`
10. `at sun.security.ssl.Handshaker.process_record(Handshaker.java:837)`
11. `at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1023)`
12. `at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332)`
13. `at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359)`
14. `at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343)`
15. `at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:275)`
16. `at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:254)`
17. `at org.apache.http.impl.conn.HttpClientConnectionOperator.connect(HttpClientConnectionOperator.java:123)`
18. `at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:318)`
19. `at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:363)`
20. `at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:219)`
21. `at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:195)`
22. `at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:86)`
23. `at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:108)`
24. `at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:184)`
25. `at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)`
26. `at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:106)`
27. `at com.gemantic.wealth.admin.util.WxpayUtil.refund(WxpayUtil.java:111)`
28. `at com.gemantic.wealth.admin.controller.RefundsController.verifyDebt(RefundsController.java:520)`
29. `at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)`
30. `at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)`
31. `at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)`
32. `at java.lang.reflect.Method.invoke(Method.java:606)`
33. `at org.springframework.web.method.support.InvocableHandlerMethod.invoke(InvocableHandlerMethod.java:213)`
34. `at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:126)`
35. `at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:96)`
36. `at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:617)`
37. `at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:578)`
38. `at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:80)`
39. `at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:923)`
40. `at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:852)`
41. `at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:882)`
42. `at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:789)`
43. `at javax.servlet.http.HttpServlet.service(HttpServlet.java:646)`
44. `at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)`
45. `at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)`
46. `at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)`
47. `at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)`
48. `at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)`
49. `at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)`
50. `at org.jasig.cas.client.util.AssertionThreadLocalFilter.doFilter(AssertionThreadLocalFilter.java:54)`
51. `at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)`
52. `at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)`
53. `at org.jasig.cas.client.util.HttpServletRequestWrapperFilter.doFilter(HttpServletRequestWrapperFilter.java:75)`
54. `at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)`
55. `at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)`
56. `at org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:201)`
57. `at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)`
58. `at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)`
59. `at com.gemantic.wealth.admin.ArthurFilter.doFilter(ArthurFilter.java:83)`
60. `at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)`
61. `at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)`
62. `at org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:76)`
63. `at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)`
64. `at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)`
65. `at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88)`
66. `at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)`
67. `at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)`
68. `at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)`
69. `at org.springframework.web.filter.HttpPutFormContentFilter.doFilterInternal(HttpPutFormContentFilter.java:88)`
70. `at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)`
71. `at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)`
72. `at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)`
73. `at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)`
74. `at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)`
75. `at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171)`
76. `at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)`
77. `at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:950)`
78. `at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)`
79. `at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408)`
80. `at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1040)`
81. `at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:607)`
82. `at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:314)`
83. `at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)`
84. `at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)`
85. `at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)`
86. `at java.lang.Thread.run(Thread.java:745)`
87. `Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target`
88. `at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385)`
89. `at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)`
90. `at sun.security.validator.Validator.validate(Validator.java:260)`
91. `at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326)`
92. `at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231)`
93. `at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126)`
94. `at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1428)`
95. `... 79 more`
96. `Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target`
97. `at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196)`
98. `at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:268)`
99. `at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380)`
100. `... 85 more`
异常原因
这是缺少安全证书时出现的异常
分析问题
- 本地开发并单元测试通过
- 测试环境API接口测试通过,服务器192.168.1.20
- 测试环境管理后台的退款操作,调用接口抛出上面的异常,服务器192.168.1.23
20、23的系统、配置、安装的软件等完全一样,出现这种情况的原因感觉很奇怪。唯一的区别就是23服务器上的管理后台与CAS进行了集成 。
解决方案
- 第一步想到的是把从微信网站上下载的证书导入到jdk的
cacerts中
keytool-import-keystore"$JAVA\_HOME/jre/lib/security/cacerts"-file/data/admin-web/cer/web/apiclient\_cert.p12-aliasstaging\_wx\_web
提示错误:
keytool错误:java.lang.Exception:所输入的不是X.509证书
- 第二试着从chrome浏览器中导出证书的cer格式文件,另存为weixin.cer
- 将上面导出的证书上传到服务器23的/home/look目录下,然后导入
$JAVA\_HOME/jre/lib/security/cacerts中
keytool-import-keystore"$JAVA\_HOME/jre/lib/security/cacerts"-file/home/look/weixin.cer-aliasstaging\_wx
输入密码,按提示输入“是”,完成证书的导入。可以再次查看证书库 keytool-list-keystore $JAVA\_HOME/jre/lib/security/cacerts,此时已经总数已经多了一个,添加成功
- 证书配置完成后,重启一下服务。再次测试成功~
欢迎留言讨论~