个人中心
gpt4 book ai didi

java - 针对官方 Docker 镜像 microProfile3java11 打开 Liberty SSLHandshakeException

转载 作者:行者123 更新时间:2023-12-02 09:37:11 25 4
gpt4 key购买 nike

我正在尝试访问虚拟 REST API,例如 https://reqres.in/api/usershttps://jsonplaceholder.typicode.com/todos使用简单的 JAX-RS 客户端,例如:

public class RandomDataProvider {

    private WebTarget webTarget;

    @PostConstruct
    public void setUp() {
        Client client = ClientBuilder.newBuilder()
                .connectTimeout(5, TimeUnit.SECONDS)
                .readTimeout(5, TimeUnit.SECONDS)
                .build();

        this.webTarget = client
                .target("https://reqres.in/api/users");
    }


    public JsonArray getAllPosts() {
        return this.webTarget
                .request()
                .accept(MediaType.APPLICATION_JSON)
                .get(JsonArray.class);
    }
}

但每次我尝试使用 HTTPS 时,我都会收到 SSLHandshakeExeption,服务器是:无法找到请求目标的有效证书路径:

[ERROR   ] SRVE0283E: Exception caught while initializing context: javax.ws.rs.ProcessingException: javax.net.ssl.SSLHandshakeException: SSLHandshakeException invoking https://reqres.in/api/users: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at org.apache.cxf.jaxrs.client.AbstractClient.checkClientException(AbstractClient.java:640)
        at [internal classes]
        at de.rieckpil.udemy.RandomDataProvider.getAllPosts(RandomDataProvider.java:32)
        at de.rieckpil.udemy.RandomDataPrinter.initialize(RandomDataPrinter.java:17)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
        at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
        at java.base/java.lang.reflect.Method.invoke(Unknown Source)
        at org.jboss.weld.injection.StaticMethodInjectionPoint.invoke(StaticMethodInjectionPoint.java:95)
        at [internal classes]
Caused by (repeated) ... : javax.net.ssl.SSLHandshakeException: SSLHandshakeException invoking https://reqres.in/api/users: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
        at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
        at java.base/jdk.internal.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
        at java.base/java.lang.reflect.Constructor.newInstance(Unknown Source)
        at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.mapException(HTTPConduit.java:1451)
        ... 9 more
Caused by: java.security.cert.CertificateException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at com.ibm.ws.ssl.core.WSX509TrustManager.checkServerTrusted(WSX509TrustManager.java:806)
        ... 9 more

Dockerfile 如下所示:

FROM open-liberty:microProfile3-java11
COPY --chown=1001:0  target/mywar.war /config/dropins/

我假设此官方 Docker 镜像使用 JDK 可信证书,还是我必须在自己的 server.xml 中显式配置它?

最佳答案

自上一篇文章以来,这实际上变得更加容易配置。 ssl 元素上有一个属性,它会告诉 SSL 上下文除了配置信任库之外还使用 JVM 的默认信任库。

<ssl id="defaultSSLConfig" keyStoreRef="defaultKeyStore" trustDefaultCerts="true" />

关于java - 针对官方 Docker 镜像 microProfile3java11 打开 Liberty SSLHandshakeException,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/57406422/

25 4 0
文章推荐: java - 定时器任务中的run方法执行了两次
文章推荐: linux - google-chrome 无法移动到新的命名空间
文章推荐: emacs - 与 Emacs Ediff : How can I take the changes of both versions 的冲突解决
文章推荐: java - 如何使用jetty和spring boot收集并获取连接池统计信息?
行者123
个人简介

我是一名优秀的程序员,十分优秀!

滴滴打车优惠券免费领取
滴滴打车优惠券
全站热门文章
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com