概述
"%JAVA_HOME%binkeytool" -delete -alias tomcat -keypass changeit
"%JAVA_HOME%binkeytool" -genkey -alias tomcat -keypass changeit -keyalg RSA -validity 365
"%JAVA_HOME%binkeytool" -export -alias tomcat -keypass changeit
-file server.crt
"%JAVA_HOME%binkeytool" -import -alias tomcat -file server.crt -keystore "%JAVA_HOME%jrelibsecuritycacerts"
拒绝访问
C:Program FilesJavajre1.8.0_20libsecurity>keytool -import -keystore cacerts -file C:Userswhoserver.crt
输入密钥库口令:
所有者: CN=who-pc, OU=NMS, O=NMS, L=SHANGHAI, ST=SHANGHAI, C=CN
发布者: CN=who-pc, OU=NMS, O=NMS, L=SHANGHAI, ST=SHANGHAI, C=CN
序列号: 1cfba992
有效期开始日期: Mon Mar 16 21:55:25 CST 2015, 截止日期: Sun Jun 14 21:55:25 CST 2015
证书指纹:
MD5: 5D:1A:FA:F5:78:9E:78:FB:BD:A0:44:83:61:58:29:44
SHA1: DB:E2:92:09:79:A9:C7:64:BE:8F:0D:8A:05:FA:87:A7:F2:65:A9:70
SHA256: 28:C5:52:DE:1B:9B:7A:CE:99:42:C1:63:11:0D:EB:09:D5:5D:D9:57:97:45:9C:7C:B6:C4:55:EC:4C:5E:99:ED
签名算法名称: SHA256withRSA
版本: 3
扩展:
#1: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: EC CB FF AB B1 3D 4E F6
0E A6 D6 D3 19 7B 96 86
.....=N.........
0010: EA C9 E6 B5
....
]
]
是否信任此证书? [否]:
y
证书已添加到密钥库中
keytool 错误: java.io.FileNotFoundException: cacerts (拒绝访问。)
C:Program FilesJavajre1.8.0_20libsecurity>WIN7下的C:Program Files以及C:Program Files(x86)都是只有管理员权限才能访问的目录,所有写、修改操作都会遭遇”拒绝访问”
找不到有效证书
2015-03-17 19:31:34,057 [tomcat-https--2] DEBUG org.jasig.cas.client.validation.Cas20ServiceTicketValidator - Retrieving response from server.
2015-03-17 19:31:34,193 [tomcat-https--2] ERROR org.jasig.cas.client.util.CommonUtils - sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1884)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
at sun.security.validator.Validator.validate(Validator.java:260)
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1323)
... 51 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:268)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380)
... 57 more出现这个问题是因为CAS Server是用keytool自签发的证书,CAS Client并不信任这个证书。
最后
以上就是坚定黄豆为你收集整理的SSL证书安装错误的全部内容,希望文章能够帮你解决SSL证书安装错误所遇到的程序开发问题。
如果觉得靠谱客网站的内容还不错,欢迎将靠谱客网站推荐给程序员好友。
本图文内容来源于网友提供,作为学习参考使用,或来自网络收集整理,版权属于原作者所有。
发表评论 取消回复