问题描述
我正在尝试通过空手道关闭SSL证书验证.目前,我遇到了错误:
I'm trying to turn off SSL certificate verification through karate. For now I'm getting error:
13:27:14.668 [main] ERROR com.intuit.karate - javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target, http call failed after 133 milliseconds for URL: https://VRNV02AS04294.int.carlsonwagonlit.com:8443/admin/property/filters/APFilter/true
13:27:14.668 [main] ERROR com.intuit.karate - http request failed:
javax.net.ssl.SSLHandshakeException:sun.security.validator.ValidatorException:PKIX路径构建失败:sun.security.provider.certpath.SunCertPathBuilderException:无法找到到请求目标的有效证书路径
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
推荐答案
请执行以下操作:
* configure ssl = true
详细阅读文档: https://github.com/intuit/karate#configure
对于那些将来登陆这里的人,我最近意识到,如果以上操作失败,则很可能是您将空手道添加到了具有不同版本的Apache HTTP客户端的Java Maven(或Gradle)项目中范围内的库.而且发生的是JAR冲突导致某些与SSL相关的类无法加载.
for those landing here in the future, I recently realized that if the above fails, it is most likely that you have added Karate to a Java Maven (or Gradle) project that has a different version of the Apache HTTP Client libraries in scope. And what happens is that the JAR conflict causes some SSL related classes to fail to load.
有2种解决方案:
- 使用
karate-jersey
代替karate-apache
- 像这样强制Apache依赖项的版本:
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
<version>${apache.version}</version>
</dependency>
apache.version
的值取决于您的项目需要和空手道取决于什么,并且在大多数情况下,使用最新版本将起作用.
The value of apache.version
depends on what your project needs and what Karate depends on, and in most cases, using the latest possible version would work.
这篇关于如何通过空手道跳过SSL证书验证?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!