Nutz
  1. 主页/
  2. 问答
NutzCN Logo
问答 ngrok连接报错。。。。
发布于 2785天前 作者 onemena 2763 次浏览 复制 上一个帖子 下一个帖子
标签:

错误如下

017-4-1 17:16:18.388 INFO [main] Select SystemLog as Nutz.Log implement
2017-4-1 17:16:18.442 DEBUG [main] config key=to_host value=119.28.66.185
2017-4-1 17:16:18.452 DEBUG [main] config key=to_port value=9080
2017-4-1 17:16:18.511 DEBUG [main] Using 95 castor for Castors
2017-4-1 17:16:18.514 DEBUG [main] config key=srv_host value=onemena.net
2017-4-1 17:16:18.515 DEBUG [main] config key=auth_token value=aabbccddeeff
2017-4-1 17:16:18.988 DEBUG [pool-1-thread-1] write msg = {"Type":"Auth","Payload":{"Version":"2","MmVersion":"1.7","User":"aabbccddeeff","Password":"","OS":"windows","Arch":"386","ClientId":"","GzipProxy":false}}
2017-4-1 17:16:19.94 DEBUG [pool-1-thread-1] something happen
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
	at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949)
	at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
	at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)
	at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1509)
	at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216)
	at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979)
	at sun.security.ssl.Handshaker.process_record(Handshaker.java:914)
	at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062)
	at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
	at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:747)
	at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:123)
	at java.io.OutputStream.write(OutputStream.java:75)
	at org.nutz.plugins.ngrok.common.NgrokAgent.writeMsg(NgrokAgent.java:38)
	at org.nutz.plugins.ngrok.common.NgrokMsg.write(NgrokMsg.java:118)
	at org.nutz.plugins.ngrok.client.NgrokClient.run(NgrokClient.java:151)
	at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
	at java.util.concurrent.FutureTask.run(FutureTask.java:266)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
	at java.lang.Thread.run(Thread.java:745)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:387)
	at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
	at sun.security.validator.Validator.validate(Validator.java:260)
	at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)
	at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
	at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
	at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1491)
	... 16 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
	at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
	at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
	at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:382)
	... 22 more
21 回复

这是你自己的域名? onemena.net ?? 用的是自签名的证书?

@wendal

自签名证书是不行的, https://letsencrypt.org/ 申请一个合法的.

@wendal 就是在这申请的

jdk版本多少?

java version "1.8.0_112"
Java(TM) SE Runtime Environment (build 1.8.0_112-b15)
Java HotSpot(TM) 64-Bit Server VM (build 25.112-b15, mixed mode)

服务器上也是这个版本?

服务器上

java version "1.8.0_112"
Java(TM) SE Runtime Environment (build 1.8.0_112-b15)
Java HotSpot(TM) 64-Bit Server VM (build 25.112-b15, mixed mode)

[root@VM_120_66_centos ssl]# ll
total 2340
-rw-r--r-- 1 root root     543 Apr  1 10:40 README
-rw-r--r-- 1 root root    2877 Apr  1 10:47 cert.p12
-rw-r--r-- 1 root root    1785 Apr  1 10:40 cert.pem
-rw-r--r-- 1 root root    1647 Apr  1 10:40 chain.pem
-rw-r--r-- 1 root root    3432 Apr  1 10:40 fullchain.pem
-rw------- 1 root root 2361357 Apr  1 11:27 nutz-plugins-ngrok.jar
-rw-r--r-- 1 root root    2626 Apr  1 10:48 onemena.net.jks
-rw-r--r-- 1 root root    1704 Apr  1 10:40 privkey.pem

@wendal 是key的问题么?

额,就是服务器端和客户端都是1.8.0_112 ?? 因为Java 8u101 开始才知道letsencrypt

@wendal 啥意思?

@wendal
是服务器端和客户端都是1.8.0_112

要不你先连一下nutzcn的ngrok服务试试? 密钥在个人主页能找到

连接 nutzcn 是没问题的
@wendal

pem文件的证书怎么转换为p12的?

http://stackoverflow.com/questions/10994116/openssl-convert-pem-containing-only-rsa-private-key-to-pkcs12

恩, 连nutzcn正常,那客户端是ok的咯

@wendal 暂时怀疑是 key 的问题 ,重新搞下Key

原因是java不认letsencrypt的证书, 已修改NgrokClient, 让其不校验证书合法性

https://github.com/nutzam/nutzmore/commit/f2272924a627900e0cc7da008f03575e6edcf69e

学习了。谢谢

添加回复
请先登陆
回到顶部