英文:
Java application show PKIX path building failed when calling external api
问题
我的应用程序正在运行,用于从一个https网站上获取数据,比如说https://api.something.com。
当我使用Apache HttpClient调用时,使用HttpClients.createDefault()方法,它返回上述错误,显示PKIX路径构建失败。
即使我使用Postman调用该API,我仍然需要禁用SSL证书验证才能使调用成功。
我的问题是:
-
这是一种单向SSL验证吗?因为我没有向该域提交数据,我只是从中提取数据。所以服务器不需要知道我是谁。但我可以确定我确实调用了那个服务器,并且API响应也来自该域(没有中间人)。我的概念正确吗?
-
那么,要解决这个问题,我可以只使用一个虚拟的SSL上下文吗?
非常感谢。
英文:
My application is running for fetch data from a website with https:
let say
https://api.something.com
When I call with Apache HttpClient using HttpClients.createDefault();
It return the above error show PKIX path building failed.
Even I use Postman to call the api. I still need to disable SSL certification verification to make the call success.
My question is:
-
Is this is a one way ssl verification? because I don't post data to that domain. I only pull data from it. So server don't have to know who I am. But I can know that's exactly the server I call, and api response is from that domain as well (no middle man). Is my concept correct?
-
So to resolve this problem, can I just use a dummy sslContext?
thanks a lot
答案1
得分: 0
是的,这可能是一种 TLS 方式,但您应该在 Java(或其他客户端)的信任存储中拥有颁发服务器证书的 CA 的证书,以建立 SSL 连接。
英文:
Yes it may be one way TLS but you should have the certificate of CA that issued the certificate of your server in your trust store in java (or other client) to have SSL connection.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论