How to solve javax. On heroku net. ssl. SSLHandshakeException?
•
Java
I encountered sslhandshakeexception on heroku
This application is not an SSL application But the application calls an SSL based web API from within the application Generally, using keytool to use SSL certificate for JVM can solve this kind of problem
But how can I do this on heroku?
Record here:
2012-06-12T11:08:08+00:00 app[web.1]: Caused by: sun.security.validator.ValidatorException: PKIX path building Failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target 2012-06-12T11:08:08+00:00 app[web.1]: at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:324) ~[na:1.6.0_20] 2012-06-12T11:08:08+00:00 app[web.1]: at sun.security.validator.Validator.validate(Validator.java:235) ~[na:1.6.0_20] 2012-06-12T11:08:08+00:00 app[web.1]: at sun.security.ssl.x509trustmanagerImpl.validate(x509trustmanagerImpl.java:147) ~[na:1.6.0_20] 2012-06-12T11:08:08+00:00 app[web.1]: at sun.security.ssl.x509trustmanagerImpl.checkServerTrusted(x509trustmanagerImpl.java:230) ~[na:1.6.0_20] 2012-06-12T11:08:08+00:00 app[web.1]: Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target 2012-06-12T11:08:08+00:00 app[web.1]: at sun.security.ssl.x509trustmanagerImpl.checkServerTrusted(x509trustmanagerImpl.java:270) ~[na:1.6.0_20] 2012-06-12T11:08:08+00:00 app[web.1]: at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:197) ~[na:1.6.0_20] 2012-06-12T11:08:08+00:00 app[web.1]: at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:255) ~[na:1.6.0_20] 2012-06-12T11:08:08+00:00 app[web.1]: at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:319) ~[na:1.6.0_20] 2012-06-12T11:08:08+00:00 app[web.1]: at sun.security.validator.Validator.validate(Validator.java:235) ~[na:1.6.0_20] 2012-06-12T11:08:08+00:00 app[web.1]: at sun.security.ssl.x509trustmanagerImpl.validate(x509trustmanagerImpl.java:147) ~[na:1.6.0_20] 2012-06-12T11:08:08+00:00 app[web.1]: at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:224) ~[na:1.6.0_20]
Solution
When you establish an SSL connection with the server, you should have the server's certificate in the client truststore
You should import the server certificate into the keystore and use javax net. ssl. Truststore and javax net. ssl. Truststorepassword specifies the keystore
Check that these properties are specified If specified, check that they point to the keystore correctly
The content of this article comes from the network collection of netizens. It is used as a learning reference. The copyright belongs to the original author.
THE END
二维码