MacOS解决自签名 maven 报错 sun.security.validator.ValidatorException: PKIX path building failed
金坚
项目场景:
自己搭建 Maven 服务器,用于存放一些私有的java library
问题描述
提示:这里描述项目中遇到的问题:
由于使用了自签名证书,在mac上实际使用时报错,报错如下:
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
at sun.security.validator.Validator.validate(Unknown Source)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
at com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(Unknown Source)
... 16 more
原因分析:
这里是因为自签名证书无法通过 MVN SSL验证
解决方案:
尝试给mvn/sbt等工具添加-Djavax.net.ssl.trustStore参数,发现没用。
尝试使用
openssl x509 -in <(openssl s_client -connect example.com:443 -prexit 2>/dev/null) -out ~/example.crt
sudo keytool -importcert -file ~/example.crt -alias example -keystore $(/usr/libexec/java_home)/jre/lib/security/cacerts -storepass changeit
成功,注意这里java_home的路径要使用和mvn/sbt等进程相同的java_home,IDEA可以在settings里面进行查看和修改。
类似资料: