我正在尝试在 DocuSign API 工作流 (http://iodocs.docusign.com/APIWalkthrough/requestSignatureFromDocument) 中运行示例程序来发送一个简单的文档来请求签名。我用我的值替换了程序中选定的变量(通过 docContentType 的 integratorKey),并且能够在 上周 成功发送请求。但是今天,当我运行示例程序时,特别是在调用 conn.getResponseCode() 方法的第 65 行,我遇到了“无法找到到请求目标的有效证书路径”错误。完整的堆栈跟踪如下所示:
Exception in thread "main" javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1884)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1341)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:153)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:804)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1300)
at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:468)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(HttpsURLConnectionImpl.java:338)
at com.helloworld.RequestSignatureDocument.main(RequestSignatureDocument.java:62)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
at sun.security.validator.Validator.validate(Validator.java:260)
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1323)
... 13 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:268)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380)
... 19 more
我在 DocuSign DevZone 文件中查找了这个错误,并找到了这个引用:http://community.docusign.com/t5/DocuSign-API-Integration-Java-READ-ONLY/ValidatorException-while-sending-document-to-Docusign-demo/m-p/6771/highlight/true .那里的答案指向另外两个链接,这基本上需要下载一个名为 InstallCert.java 的 Java 程序并运行它以获取一些证书信息,然后安装证书。它应该在本地安装证书,然后当您第二次运行该程序时它应该可以识别该证书。
这对我不起作用!
如何使示例 RequestSignatureDocument.java 程序运行?
http-colon-//iodocs.docusign.com/APIWalkthrough/requestSignatureFromDocument中第65行左右出现如下: `
// obtain baseUrl and accountId values from response body
response = getResponseBody(conn);
baseURL = parseXMLBody(response, "baseUrl");
`
最佳答案
我不能肯定地说这就是我的问题的答案,因为我没有收到来自 DocuSign 的任何反馈,但是经过整整两天的搜索文档、博客、StackOverflow 等,我认为我终于有了一个工作解决方案。我遵循了 How can I use certificate authentication with HttpsURLConnection? 上发布的大部分步骤并且能够连接并发送文档以供签名。
那感觉真好!但是后来我尝试了上面帖子顶部引用的原始 java 程序,现在它可以工作了,就像上周一样(但不是本周的前几天)。因此,我在 SSL 上所做的工作、将证书导入我的 keystore 等都没有相关性或意义。
我想我这么想很天真,但我必须假设 DocuSign 的某个人上周更改了一些东西,然后今天又改回来了。
如果我的假设是错误的,并且 DocuSign 的某个人可以纠正我的错误,那就太好了。迟到总比不到好。但在事情发生变化之前,我的问题似乎已经“解决”了。
关于java - DocuSignAPI:无法找到请求目标的有效证书路径,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/27490976/