1.7.10 默认自动下载的Java 使用authlib-injector 登录会出现 PKIX path building failed #5252
Comments
|
我觉得要不然用 azul 的 zulu jdk 得了,BakaXL 和 PrismLauncher 就是这样干的,PCL 没道理不能这么做 https://cdn.azul.com/zulu/bin/zulu8.82.0.21-ca-jdk8.0.432-win_x64.zip Edit:虽然没证据表明 Zulu 比官方稳定但相对的也没证据证明官方的一定比 Zulu 稳定,我 Zulu OpenJDK 用到现在也没见崩游戏的情况,如果只是为了一个理论上存在的兼容性问题而降低用户体验,我个人认为不太值当 |
这个 Java 8u51 是从 Mojang 下载的,也不局限于 Minecraft 1.7.10。龙猫曾经的表态:#4455 (comment)
搜寻了一下,看到了个有类似报错的 issue (#3441),但原因不同——他/她的 Java 版本是 8u351。 |
|
我觉得这应该由 Authlib 那边处理,毕竟 8u51 是 Mojang 官方提供的 Java……不兼容官方 Java 就有点…… |
Authlib 大概是不会处理的 |
|
稍微看了一下,java 内部独立维护了一个证书库,使用 keytool 管理 |
|
抽空看了下 Java 属性参数 似乎只要把这个加到 JVM 参数里面 就能让 Java 信任系统根证书,或许可以缓解此问题,但我用的皮肤站 8u51 有信任证书,没法验证是否可行 cc @LTCatt |
|
@PAKingdom 可以麻烦您提供一下使用的皮肤站吗 |
Authlib:https://www.mcpa.top/ 阁下,感谢您提及我推动此问题。由于已知问题是 8u51 不信任证书导致的,我仍未更换其他 SSL 证书,因此该问题仍可复现 实机日志: 如果您有需要,下列为我在PCL2另一个ISSUES使用过的测试账号与测试服务器。欢迎测试 测试账号与测试服务器(点击展开)(以下服务跟随issues状态启用) 我非常愿意提供我力所能及的帮助 Authlib:https://www.mcpa.top/ 测试账户 仅供测试 Authlib-Injector USERNAME test@test.test 测试服务器 使用 1.7.10 原版进入 |
试试像楼上所说的,将 -Djavax.net.ssl.trustStoreType=WINDOWS-ROOT 加入 Java 参数? |
|
-Djavax.net.ssl.trustStoreType=WINDOWS-ROOT |
正常情况下龙猫包修的( |
LTCatt
added
可合并
Uh oh!
There was an error while loading. Please reload this page.
检查项
描述
此bug在新电脑中完美复现
此问题为PCL2自动下载Java版本为8.0.51导致的错误
提议:
问题解决思路:
yushijinhun/authlib-injector#117 (comment)
重现步骤
日志与附件
参考:
yushijinhun/authlib-injector#119
实机日志:
.minecraft\authlib-injector.log 可查阅到如下日志
[authlib-injector] [WARNING] Reverse proxy error javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296) at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1497) at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:212) at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979) at sun.security.ssl.Handshaker.process_record(Handshaker.java:914) at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375) at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403) at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387) at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563) at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) at sun.net.www.protocol.http.HttpURLConnection.getOutputStream0(HttpURLConnection.java:1282) at sun.net.www.protocol.http.HttpURLConnection.access$100(HttpURLConnection.java:90) at sun.net.www.protocol.http.HttpURLConnection$8.run(HttpURLConnection.java:1249) at sun.net.www.protocol.http.HttpURLConnection$8.run(HttpURLConnection.java:1247) at java.security.AccessController.doPrivileged(Native Method) at java.security.AccessController.doPrivileged(AccessController.java:713) at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1246) at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250) at moe.yushi.authlibinjector.httpd.URLProcessor.reverseProxy(URLProcessor.java:192) at moe.yushi.authlibinjector.httpd.URLProcessor.access$400(URLProcessor.java:47) at moe.yushi.authlibinjector.httpd.URLProcessor$1.serve(URLProcessor.java:158) at moe.yushi.authlibinjector.internal.fi.iki.elonen.NanoHTTPD$ClientHandler$$Lambda$38/1153271023.apply(Unknown Source) at moe.yushi.authlibinjector.internal.fi.iki.elonen.HTTPSession.execute(HTTPSession.java:246) at moe.yushi.authlibinjector.internal.fi.iki.elonen.NanoHTTPD$ClientHandler.run(NanoHTTPD.java:104) at java.lang.Thread.run(Thread.java:745) Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:387) at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292) at sun.security.validator.Validator.validate(Validator.java:260) at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324) at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229) at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124) at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1479) ... 24 more Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:145) at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:131) at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280) at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:382) ... 30 moreThe text was updated successfully, but these errors were encountered: