2
我们正在研究使用PlayFramework构建并将其部署到Heroku的Java应用程序。我们通过Play Authenticate将我们的登录机制与Facebook整合在一起,但从今天早上开始,我们无法登录。我们得到一些看起来像附件的安全证书异常。导致java.security.InvalidAlgorithmParameterException的Facebook登录:trustAnchors参数必须为非空
我们想知道这是否可能是由于环境中的某些变化所致,因为我们不记得更改任何相关的应用程序代码。有什么我们可以检查?
由于提前,
2013-02-20T17:33:32+00:00 app[web.1]: play.api.Application$$anon$1: Execution exception[[RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty]]
2013-02-20T17:33:32+00:00 app[web.1]:
2013-02-20T17:33:32+00:00 app[web.1]: at play.api.DefaultApplication.handleError(Application.scala:383) [play_2.10-2.1.0.jar:2.1.0]
2013-02-20T17:33:32+00:00 app[web.1]: at play.api.libs.concurrent.PlayPromise$$anonfun$extend1$1.apply(Promise.scala:113) [play_2.10-2.1.0.jar:2.1.0]
2013-02-20T17:33:32+00:00 app[web.1]: at sun.security.ssl.SSLEngineImpl.checkTaskThrown(SSLEngineImpl.java:508) ~[na:1.6.0_27]
2013-02-20T17:33:32+00:00 app[web.1]: at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:759) ~[na:1.6.0_27]
2013-02-20T17:33:32+00:00 app[web.1]: at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:727) ~[na:1.6.0_27]
2013-02-20T17:33:32+00:00 app[web.1]: at org.jboss.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1118) ~[netty-3.5.9.Final.jar:na]
2013-02-20T17:33:32+00:00 app[web.1]: at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624) ~[na:1.6.0_27]
2013-02-20T17:33:32+00:00 app[web.1]: Caused by: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
2013-02-20T17:33:32+00:00 app[web.1]: at play.core.server.netty.PlayDefaultUpstreamHandler$$anon$2$$anonfun$handle$1.apply(PlayDefaultUpstreamHandler.scala:132) [play_2.10-2.1.0.jar:2.1.0]
2013-02-20T17:33:32+00:00 app[web.1]: at play.api.libs.concurrent.PlayPromise$$anonfun$extend1$1.apply(Promise.scala:113) [play_2.10-2.1.0.jar:2.1.0]
2013-02-20T17:33:32+00:00 app[web.1]: Caused by: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
2013-02-20T17:33:32+00:00 app[web.1]: at sun.security.validator.PKIXValidator.(PKIXValidator.java:75) ~[na:1.6.0_27]
2013-02-20T17:33:32+00:00 app[web.1]: at sun.security.validator.Validator.getInstance(Validator.java:178) ~[na:1.6.0_27]
2013-02-20T17:33:32+00:00 app[web.1]: at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:270) ~[na:1.6.0_27]
2013-02-20T17:33:32+00:00 app[web.1]: at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:225) ~[na:1.6.0_27]
2013-02-20T17:33:32+00:00 app[web.1]: Caused by: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
2013-02-20T17:33:32+00:00 app[web.1]: at java.security.cert.PKIXParameters.setTrustAnchors(PKIXParameters.java:200) ~[na:1.6.0_27]
2013-02-20T17:33:32+00:00 app[web.1]: at java.security.cert.PKIXBuilderParameters.(PKIXBuilderParameters.java:104) ~[na:1.6.0_27]
2013-02-20T17:33:32+00:00 app[web.1]: at java.security.cert.PKIXParameters.(PKIXParameters.java:120) ~[na:1.6.0_27]
2013-02-20T17:33:32+00:00 app[web.1]: at sun.security.validator.PKIXValidator.(PKIXValidator.java:73) ~[na:1.6.0_27]
2013-02-20T17:33:32+00:00 app[web.1]: at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1147) ~[na:1.6.0_27]
2013-02-20T17:33:32+00:00 app[web.1]: at sun.security.validator.Validator.getInstance(Validator.java:178) ~[na:1.6.0_27]
2013-02-20T17:33:32+00:00 app[web.1]: at sun.security.ssl.X509TrustManagerImpl.getValidator(X509TrustManagerImpl.java:129) ~[na:1.6.0_27]
经过一段时间对问题进行故障排除后,一位同事将新更改推送到应用并重新部署。 没有什么似乎与登录有关的问题,但它现在正在工作。 可能与新应用程序的启动位置有关吗?与之前的部署有什么关系?是否有任何来自部署过程的日志,我们可以检查最后一个? – Marc 2013-02-20 19:51:30
对不起,这导致你。我们昨晚更新了JDK,它缺少默认的cacerts文件。我们已经将它回滚了,这就是为什么你再也看不到问题了。 – 2013-02-20 21:24:15
嗨Naaman,谢谢你的回答,很高兴知道它是什么! – Marc 2013-02-21 01:36:13