4.8 KiB
4.8 KiB
证书路径拼接规则修复
问题描述
生产环境中微信支付证书路径拼接错误,导致证书加载失败:
错误路径:
/www/wwwroot/file.ws/wechat/10550//20250727/c27fe16e08314431a56c3489818af64f.pem
正确路径:
/www/wwwroot/file.ws/file/20250727/c27fe16e08314431a56c3489818af64f.pem
修复方案
修改证书路径拼接规则为:uploadPath + "file" + 数据库存储的相对路径
修改的文件
1. WxNativePayController.java
文件路径: src/main/java/com/gxwebsoft/common/system/controller/WxNativePayController.java
修改内容:
// 修改前
apiclientKey = config.getUploadPath().concat("/file").concat(payment.getApiclientKey());
// 修改后
String relativePath = payment.getApiclientKey();
apiclientKey = config.getUploadPath() + "file" + relativePath;
log.info("生产环境证书路径构建 - 上传根路径: {}", config.getUploadPath());
log.info("生产环境证书路径构建 - 数据库相对路径: {}", relativePath);
log.info("生产环境证书路径构建 - 完整路径: {}", apiclientKey);
2. AlipayConfigUtil.java
文件路径: src/main/java/com/gxwebsoft/common/core/utils/AlipayConfigUtil.java
修改内容:
// 修改前
this.appCertPublicKey = pathConfig.getUploadPath() + "file" + payment.getString("appCertPublicKey");
this.alipayCertPublicKey = pathConfig.getUploadPath() + "file" + payment.getString("alipayCertPublicKey");
this.alipayRootCert = pathConfig.getUploadPath() + "file" + payment.getString("alipayRootCert");
// 修改后
String appCertPath = payment.getString("appCertPublicKey");
String alipayCertPath = payment.getString("alipayCertPublicKey");
String rootCertPath = payment.getString("alipayRootCert");
this.appCertPublicKey = pathConfig.getUploadPath() + "file" + appCertPath;
this.alipayCertPublicKey = pathConfig.getUploadPath() + "file" + alipayCertPath;
this.alipayRootCert = pathConfig.getUploadPath() + "file" + rootCertPath;
log.info("生产环境支付宝证书路径构建:");
log.info("上传根路径: {}", pathConfig.getUploadPath());
log.info("应用证书 - 数据库路径: {}, 完整路径: {}", appCertPath, this.appCertPublicKey);
log.info("支付宝证书 - 数据库路径: {}, 完整路径: {}", alipayCertPath, this.alipayCertPublicKey);
log.info("根证书 - 数据库路径: {}, 完整路径: {}", rootCertPath, this.alipayRootCert);
3. CertificateHealthService.java
文件路径: src/main/java/com/gxwebsoft/common/core/service/CertificateHealthService.java
修改内容:
// 修改前
String fullPath = uploadPath + "file" + relativePath;
// 修改后
String fullPath = uploadPath + "file" + relativePath;
log.debug("生产环境证书路径构建 - 上传根路径: {}, 相对路径: {}, 完整路径: {}",
uploadPath, relativePath, fullPath);
4. SettingServiceImpl.java
文件路径: src/main/java/com/gxwebsoft/common/system/service/impl/SettingServiceImpl.java
修改内容:
// 修改前
final String privateKey = pathConfig.getUploadPath().concat("file").concat(apiclientKey);
final String apiclientCert = pathConfig.getUploadPath().concat("file").concat(jsonObject.getString("apiclientCert"));
// 修改后
final String privateKey = pathConfig.getUploadPath() + "file" + apiclientKey;
final String apiclientCert = pathConfig.getUploadPath() + "file" + jsonObject.getString("apiclientCert");
路径构建规则
生产环境配置
- 上传根路径:
/www/wwwroot/file.ws/(来自application-prod.yml的config.upload-path) - 文件目录:
file - 数据库相对路径:
/20250727/c27fe16e08314431a56c3489818af64f.pem
最终路径
/www/wwwroot/file.ws/ + file + /20250727/c27fe16e08314431a56c3489818af64f.pem
= /www/wwwroot/file.ws/file/20250727/c27fe16e08314431a56c3489818af64f.pem
验证方法
- 重新部署应用
- 查看日志输出,确认路径构建正确:
生产环境证书路径构建 - 上传根路径: /www/wwwroot/file.ws/ 生产环境证书路径构建 - 数据库相对路径: /20250727/c27fe16e08314431a56c3489818af64f.pem 生产环境证书路径构建 - 完整路径: /www/wwwroot/file.ws/file/20250727/c27fe16e08314431a56c3489818af64f.pem - 测试微信支付功能,确认证书加载成功
注意事项
- 确保数据库中存储的证书路径格式正确(以
/开头的相对路径) - 确保服务器上的证书文件存在于正确位置
- 修改后需要重新编译和部署应用
- 建议在测试环境先验证修改效果
相关配置
application-prod.yml
config:
upload-path: /www/wwwroot/file.ws/
数据库字段示例
-- sys_payment 表中的 apiclient_key 字段应该存储类似这样的值:
-- /20250727/c27fe16e08314431a56c3489818af64f.pem