日期:2014-05-17  浏览次数:20831 次

cas客户端问题(unable to find valid certification path to requested target)
tomcat server配置

 <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
  maxThreads="150" scheme="https" secure="true"
  clientAuth="false" sslProtocol="TLS" 
keystoreFile="d:/cas/zs/root.keystore" keystorePass="mh198406*"
 

/>




运行客户端时可以跳到csa登陆界面,输入用户名和密码后就报错

java.lang.RuntimeException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:341)
org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:305)
org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:50)
org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:207)
org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:169)
org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:116)
org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:76)

其他的操作都是安装网上教程走下来的,就走到这一步出错了,实在搞不明白,求高手指点下

补充:

证书信息:
CN=localhost,OU=webber,0=webber......
没有过期

证书已经导入到C:\Java\jdk1.6.0_10\jre\lib\security,而且tomcat是安装版的,用的是证书导入的jre

------解决方案--------------------
确认下C:\Java\jdk1.6.0_10\jre\lib\security\cacerts中是否存在你己经导入的证书信息