问题现象
Java Spring应用发送数据报如下问题。
2022-10-06 10:04:19.068 ERROR 23100 --- [nio-8081-exec-1] o.a.c.c.C.[.[.[/].[dispatcherServlet] : Servlet.service() for servlet [dispatcherServlet] in context with path [] threw exception [Request processing failed; nested exception is org.springframework.mail.MailSendException: Mail server connection failed; nested exception is javax.mail.MessagingException: Could not connect to SMTP host: smtp.chinaxxx.com, port: 443;
nested exception is:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target. Failed messages: javax.mail.MessagingException: Could not connect to SMTP host: smtp.chinaxxx.com, port: 443;
nested exception is:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target; message exceptions (1) are:
Failed message 1: javax.mail.MessagingException: Could not connect to SMTP host: smtp.chinaxxx.com, port: 443;
nested exception is:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target] with root cause
sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:392)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:302)
at sun.security.validator.Validator.validate(Validator.java:262)
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1596)
解决方法
复制附录代码到文本文件中,改名为InstallCert.java。然后分别执行如下两条命令。
D:\Java\jdk1.8.0_221\bin\javac D:\code\InstallCert.java
java InstallCert smtp.chinaxxx.com:443;
说明:网址处不需要输入(https://)信息,比如 smtp.chinaxxx.com:443 。
随后服务器会返回认证的主题,发行方,加密方式等信息。
在这里输入1后,回车。
Enter certificate to add to trusted keystore or 'q' to quit: [1] 在code目录下会生成文件jssecacerts,自此认证过程结束。
替换证书
将生成的jssecacerts文件复制到 jdk的相应路径下即可。
windows系统一般需要首先找到jdk安装路径
D:\Java\jdk1.8.0_221\jre\lib\security
如果是Linux系统,需要首先使用 scp 命令 将 jssecacerts 传输至服务器。
标签:java,SSLHandshakeException,sun,ssl,path,security,javax From: https://www.cnblogs.com/tianyuanblog/p/16757128.html如果应用运行在 docker ,jdk通常在这个地方
/usr/lib/jvm/java-1.8.0-openjdk-amd64/jre/lib/security/
/usr/lib/jvm/java-8-openjdk-amd64/jre/lib/security/ (和上面其实一样)
替换完后,重启 docker 即可。