文
章
目
录
章
目
录
最近在使用公司内部对OpenFeign进行二次封装的框架进行远程调用histroian库的REST API接口时,出现ERROR SSLHandshakeException异常报错,具体错误信息如下:
ERROR SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target (135ms)
17:01:22.554 [main] DEBUG feign.Logger – [HisService#getToken] javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1946)
17:01:22.554 [main] DEBUG feign.Logger – [HisService#getToken] javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1946)
截图如下:

问题原因
出现ERROR SSLHandshakeException报错主要原因使用了https
请求,但是服务器并没有安装证书,所有只有绕过ssl验证才行,出现这个问题的就是因为没绕过去,其实代码是是想绕过但是,写错了部分代码,导致没绕过去。
问题代码展示
下面我们来贴出问题代码,之前错就错在TrustAllManager
中的实现方法checkServerTrusted和checkClientTrusted都主动throw了一个新的异常出去,导致验证永远有异常,属于低级错误了。其实直接如下,这两个方法体中do nothing啥也不做即可。
private static class TrustAllManager implements X509TrustManager { @Override public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { // Do nothing } @Override public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { // Do nothing } @Override public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; } }
然后改完之后,问题就解决了,再去发送https请求就正常了。