java ssl使用自定义证书

1.证书错误

Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

2.生成客户端证书

openssl x509 -in <(openssl s_client -connect 192.168.11.19:8101 -prexit 2>/dev/null) -out 11_19_8101.crt

       会在当前文件夹下生成11_19_8101.crt;如果是其它网址,相应的替换192.168.11.19:8101

3.证书导入到jvm

        到{jdk_home}/jre/bin下,执行下面命令,密码输入changeit,后面提示是否信任该证书,输入Y

keytool -keystore ..\lib\security\cacerts -import -alias 192.168.11.19 -file /home/11_19_8101.crt

4.验证jdk证书是否生效

         验证http请求的java

import java.io.InputStream;
import java.io.OutputStream;
import java.net.HttpURLConnection;
import java.net.URL;/*** @description http request test* javac HttpTest.java* java HttpTest url param* @date 2024/08/21*/
public class HttpTest {public static void main(String[] args) {try {URL url = new URL(args[0]);HttpURLConnection connection = (HttpURLConnection) url.openConnection();connection.setRequestMethod("POST");connection.setRequestProperty("Content-Type", "application/json");connection.setDoOutput(true);try (OutputStream os = connection.getOutputStream();InputStream is = connection.getInputStream()) {os.write(args[1].getBytes());System.out.println(new String(is.readAllBytes()));}int responseCode = connection.getResponseCode();if (responseCode == HttpURLConnection.HTTP_OK) {System.out.println("http request success");}} catch (Exception e) {e.printStackTrace();}}}

 在服务器上执行命令

javac HttpTest.java
java HttpTest https://192.168.xx.xx:6666/callback/basic {"name":"123456"}

 

参考资料:

ssl - Java: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target - Stack Overflow