# 证书路径拼接规则修复 ## 问题描述 生产环境中微信支付证书路径拼接错误,导致证书加载失败: **错误路径**: ``` /www/wwwroot/file.ws/wechat/10550//20250727/c27fe16e08314431a56c3489818af64f.pem ``` **正确路径**: ``` /www/wwwroot/file.ws/file/20250727/c27fe16e08314431a56c3489818af64f.pem ``` ## 修复方案 修改证书路径拼接规则为:`uploadPath + "file" + 数据库存储的相对路径` ## 修改的文件 ### 1. WxNativePayController.java **文件路径**: `src/main/java/com/gxwebsoft/common/system/controller/WxNativePayController.java` **修改内容**: ```java // 修改前 apiclientKey = config.getUploadPath().concat("/file").concat(payment.getApiclientKey()); // 修改后 String relativePath = payment.getApiclientKey(); apiclientKey = config.getUploadPath() + "file" + relativePath; log.info("生产环境证书路径构建 - 上传根路径: {}", config.getUploadPath()); log.info("生产环境证书路径构建 - 数据库相对路径: {}", relativePath); log.info("生产环境证书路径构建 - 完整路径: {}", apiclientKey); ``` ### 2. AlipayConfigUtil.java **文件路径**: `src/main/java/com/gxwebsoft/common/core/utils/AlipayConfigUtil.java` **修改内容**: ```java // 修改前 this.appCertPublicKey = pathConfig.getUploadPath() + "file" + payment.getString("appCertPublicKey"); this.alipayCertPublicKey = pathConfig.getUploadPath() + "file" + payment.getString("alipayCertPublicKey"); this.alipayRootCert = pathConfig.getUploadPath() + "file" + payment.getString("alipayRootCert"); // 修改后 String appCertPath = payment.getString("appCertPublicKey"); String alipayCertPath = payment.getString("alipayCertPublicKey"); String rootCertPath = payment.getString("alipayRootCert"); this.appCertPublicKey = pathConfig.getUploadPath() + "file" + appCertPath; this.alipayCertPublicKey = pathConfig.getUploadPath() + "file" + alipayCertPath; this.alipayRootCert = pathConfig.getUploadPath() + "file" + rootCertPath; log.info("生产环境支付宝证书路径构建:"); log.info("上传根路径: {}", pathConfig.getUploadPath()); log.info("应用证书 - 数据库路径: {}, 完整路径: {}", appCertPath, this.appCertPublicKey); log.info("支付宝证书 - 数据库路径: {}, 完整路径: {}", alipayCertPath, this.alipayCertPublicKey); log.info("根证书 - 数据库路径: {}, 完整路径: {}", rootCertPath, this.alipayRootCert); ``` ### 3. CertificateHealthService.java **文件路径**: `src/main/java/com/gxwebsoft/common/core/service/CertificateHealthService.java` **修改内容**: ```java // 修改前 String fullPath = uploadPath + "file" + relativePath; // 修改后 String fullPath = uploadPath + "file" + relativePath; log.debug("生产环境证书路径构建 - 上传根路径: {}, 相对路径: {}, 完整路径: {}", uploadPath, relativePath, fullPath); ``` ### 4. SettingServiceImpl.java **文件路径**: `src/main/java/com/gxwebsoft/common/system/service/impl/SettingServiceImpl.java` **修改内容**: ```java // 修改前 final String privateKey = pathConfig.getUploadPath().concat("file").concat(apiclientKey); final String apiclientCert = pathConfig.getUploadPath().concat("file").concat(jsonObject.getString("apiclientCert")); // 修改后 final String privateKey = pathConfig.getUploadPath() + "file" + apiclientKey; final String apiclientCert = pathConfig.getUploadPath() + "file" + jsonObject.getString("apiclientCert"); ``` ## 路径构建规则 ### 生产环境配置 - **上传根路径**: `/www/wwwroot/file.ws/` (来自 `application-prod.yml` 的 `config.upload-path`) - **文件目录**: `file` - **数据库相对路径**: `/20250727/c27fe16e08314431a56c3489818af64f.pem` ### 最终路径 ``` /www/wwwroot/file.ws/ + file + /20250727/c27fe16e08314431a56c3489818af64f.pem = /www/wwwroot/file.ws/file/20250727/c27fe16e08314431a56c3489818af64f.pem ``` ## 验证方法 1. **重新部署应用** 2. **查看日志输出**,确认路径构建正确: ``` 生产环境证书路径构建 - 上传根路径: /www/wwwroot/file.ws/ 生产环境证书路径构建 - 数据库相对路径: /20250727/c27fe16e08314431a56c3489818af64f.pem 生产环境证书路径构建 - 完整路径: /www/wwwroot/file.ws/file/20250727/c27fe16e08314431a56c3489818af64f.pem ``` 3. **测试微信支付功能**,确认证书加载成功 ## 注意事项 1. 确保数据库中存储的证书路径格式正确(以 `/` 开头的相对路径) 2. 确保服务器上的证书文件存在于正确位置 3. 修改后需要重新编译和部署应用 4. 建议在测试环境先验证修改效果 ## 相关配置 ### application-prod.yml ```yaml config: upload-path: /www/wwwroot/file.ws/ ``` ### 数据库字段示例 ```sql -- sys_payment 表中的 apiclient_key 字段应该存储类似这样的值: -- /20250727/c27fe16e08314431a56c3489818af64f.pem ```