PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilder...-Toy模板网

这篇具有很好参考价值的文章主要介绍了PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilder...。希望对大家有所帮助。如果存在错误或未考虑完全的地方，请大家不吝赐教，您也可以点击"举报违法"按钮提交疑问。

Elasticsearch 8.4.3

spring-boot-starter-data-elasticsearch https连接es [PKIX path building failed, unable to find valid certification path to requested target]错误的解决方法

项目maven依赖

<dependencies>
		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter</artifactId>
		</dependency>

		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-web</artifactId>
		</dependency>

		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-data-elasticsearch</artifactId>
		</dependency>

		<dependency>
			<groupId>co.elastic.clients</groupId>
			<artifactId>elasticsearch-java</artifactId>
			<version>8.4.3</version>
		</dependency>

		<dependency>
			<groupId>com.fasterxml.jackson.core</groupId>
			<artifactId>jackson-databind</artifactId>
			<version>2.13.4</version>
		</dependency>

<!--		<dependency>-->
<!--			<groupId>jakarta.json</groupId>-->
<!--			<artifactId>jakarta.json-api</artifactId>-->
<!--			<version>2.0.1</version>-->
<!--		</dependency>-->

		<dependency>
			<groupId>org.projectlombok</groupId>
			<artifactId>lombok</artifactId>
		</dependency>

		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-test</artifactId>
			<scope>test</scope>
		</dependency>
	</dependencies>

elasticsearch certs文件目录

elasticsearch pkix path building failed,kubernetes,Springboot,Elasticsearch,elasticsearch,java,大数据

查找当前项目使用的 jdk home path

elasticsearch pkix path building failed,kubernetes,Springboot,Elasticsearch,elasticsearch,java,大数据

进入jdk home path下的的lib下的secruity目录，然后导入证书

cd /Users/yanghaoyuan/Library/Java/JavaVirtualMachines/corretto-18.0.2/Contents/Home/lib/security

keytool -import -alias cacerts -keystore cacerts -file /Users/yanghaoyuan/Desktop/elasticsearch-8.4.3/config/certs/http_ca.crt

yanghaoyuan@MAGIT02238 security % keytool -import -alias cacerts -keystore cacerts -file /Users/yanghaoyuan/Desktop/elasticsearch-8.4.3/config/certs/http_ca.crt
所有者: CN=Elasticsearch security auto-configuration HTTP CA
发布者: CN=Elasticsearch security auto-configuration HTTP CA
序列号: 94b866feae9ca4e530a4908be65e61c876832ebf
生效时间: Tue Oct 18 08:43:20 CST 2022, 失效时间: Fri Oct 17 08:43:20 CST 2025
证书指纹:
	 SHA1: AE:6C:27:36:0F:95:3D:86:56:90:20:36:3A:54:03:F2:83:6F:46:6F
	 SHA256: C9:F8:82:4D:9D:B9:17:70:E3:4B:03:AF:B1:6D:6D:0C:CF:A9:46:0E:2E:54:98:7E:0B:FB:AA:BF:B5:32:B2:AE
签名算法名称: SHA256withRSA
主体公共密钥算法: 4096 位 RSA 密钥
版本: 3

扩展: 

#1: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 38 D9 54 2B 6A 94 85 A4   7A 7A E0 E7 A5 62 CE 89  8.T+j...zz...b..
0010: 1A EA A6 30                                        ...0
]
]

#2: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
  CA:true
  PathLen: no limit
]

#3: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 38 D9 54 2B 6A 94 85 A4   7A 7A E0 E7 A5 62 CE 89  8.T+j...zz...b..
0010: 1A EA A6 30                                        ...0
]
]

是否信任此证书? [否]:  是 
证书已添加到密钥库中

elasticsearch8.4.3 的https 连接配置

两种方式：

第一种方式

在application.yml 配置es连接凭证和连接地址，spring-boot-starter-data- elasticsearch依赖jar会读取配置自动初始化RestHighLevelClient

spring:
 elasticsearch:
   rest:
     uris: https://localhost:9200
     read-timeout: 10s
     username: "elastic"
     password: "BGF+ExXQJ7W4vOd+*a*d"

第二种方式：

如下写配置类

@Configuration
@EnableReactiveElasticsearchRepositories(basePackages = "com.im.elasticsearch.repository")
public class Config extends AbstractElasticsearchConfiguration {

    @Value("${elasticsearch.url}")
    public String elasticsearchUrl;

    @Bean
    @Override
    public RestHighLevelClient elasticsearchClient() {

            final ClientConfiguration configuration =
                    ClientConfiguration.builder()
                .connectedTo(elasticsearchUrl)
                    .usingSsl()
                .withBasicAuth("elastic", "BGF+ExXQJ7W4vOd+*a*d")
                .build();
        return RestClients.create(configuration).rest();

//        final CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
//        credentialsProvider.setCredentials(AuthScope.ANY,
//                new UsernamePasswordCredentials("elastic", "BGF+ExXQJ7W4vOd+*a*d"));
//
//        RestClientBuilder restClientBuilder = RestClient.builder(
//                new HttpHost("localhost", 9200, "https")
//        );
//        RestClient restClient = restClientBuilder.setHttpClientConfigCallback(
//                new RestClientBuilder.HttpClientConfigCallback() {
//                    @Override
//                    public HttpAsyncClientBuilder customizeHttpClient(HttpAsyncClientBuilder httpAsyncClientBuilder) {
//                        return httpAsyncClientBuilder.setDefaultCredentialsProvider(credentialsProvider);
//                    }
//                }
//        ).build();
//
//        return new RestHighLevelClientBuilder(restClient)
//                .setApiCompatibilityMode(true)
//                .build();

    }
}

OK

elasticsearch pkix path building failed,kubernetes,Springboot,Elasticsearch,elasticsearch,java,大数据文章来源地址https://www.toymoban.com/news/detail-721874.html

到了这里，关于PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilder...的文章就介绍完了。如果您还想了解更多内容，请在右上角搜索TOY模板网以前的文章或继续浏览下面的相关文章，希望大家以后多多支持TOY模板网！