博客针对请求https接口时出现的证书问题,给出解决方案。即生成证书文件用于代码中,具体步骤为:先使用chrome浏览器打开接口地址,将接口证书文件保存到本地,如保存成baidu.cer文件,接着生成证书存储文件,最后将接口证书文件导入到证书存储文件中。
请求https接口时出现,证书问题
解决方案:生成证书文件用于代码中
1.保存接口证书文件到本地
使用chrome浏览器打开接口地址:
用百度举例子
保存成baidu.cer文件
2.生成证书存储文件
C:\WINDOWS\system32>keytool -genkey -v -alias baidujks -srcstoretype pkcs12 -deststoretype pkcs12 -keyalg RSA -keysize 1024 -keypass 123456 -dname "cn=baidu" -keystore D:\baidu-truststore.jks -storepass 123456 -validity 3650
正在为以下对象生成 1,024 位RSA密钥对和自签名证书 (SHA256withRSA) (有效期为 3,650 天):
CN=baidu
[正在存储D:\baidu-truststore.jks]3.将接口证书文件导入到证书存储文件中
C:\WINDOWS\system32>keytool -import -alias baidu -trustcacerts -file C:\Users\bingo\Desktop\baidu.cer -keystore D:\baidu-truststore.jks
输入密钥库口令:
所有者: CN=baidu.com, O="Beijing Baidu Netcom Science Technology Co., Ltd", OU=service operation department, L=beijing, ST=beijing, C=CN
发布者: CN=GlobalSign Organization Validation CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE
序列号: 725878366e9f56e81d418848
有效期为 Thu Apr 02 15:04:58 CST 2020 至 Mon Jul 26 13:31:02 CST 2021
证书指纹:
MD5: 53:9B:07:1C:F7:D2:F0:2B:1C:85:CC:09:DA:11:86:E5
SHA1: FC:B4:0A:45:F2:7E:B3:91:AD:B1:3F:34:A6:25:96:87:35:CE:DD:CB
SHA256: 2E:D1:89:34:9F:81:8F:34:14:13:2E:BE:A3:09:E3:6F:62:0D:78:A0:50:7A:2F:A5:23:30:5F:27:50:62:D7:3C
签名算法名称: SHA256withRSA
主体公共密钥算法: 2048 位 RSA 密钥
版本: 3
扩展:
#1: ObjectId: 1.3.6.1.4.1.11129.2.4.2 Criticality=false
0000: 04 82 01 6A 01 68 00 76 00 5C DC 43 92 FE E6 AB ...j.h.v.\.C....
0010: 45 44 B1 5E 9A D4 56 E6 10 37 FB D5 FA 47 DC A1 ED.^..V..7...G..
0020: 73 94 B2 5E E6 F6 C7 0E CA 00 00 01 71 39 B5 3C s..^........q9.<
0030: BA 00 00 04 03 00 47 30 45 02 20 69 86 68 31 21 ......G0E. i.h1!
0040: B3 59 5D A3 D6 89 4A 97 45 66 0B 69 14 93 DF C2 .Y]...J.Ef.i....
0050: 9E 72 87 A4 28 8A 1F E5 F5 E6 B2 02 21 00 C9 19 .r..(.......!...
0060: B4 5F 17 C8 A0 AE FE 76 65 97 57 BD BC 89 4A 6D ._.....ve.W...Jm
0070: 6F 11 AD 4A FF EF 81 E9 99 27 15 45 1B 01 00 76 o..J.....'.E...v
0080: 00 6F 53 76 AC 31 F0 31 19 D8 99 00 A4 51 15 FF .oSv.1.1.....Q..
0090: 77 15 1C 11 D9 02 C1 00 29 06 8D B2 08 9A 37 D9 w.......).....7.
00A0: 13 00 00 01 71 39 B5 3C E4 00 00 04 03 00 47 30 ....q9.<......G0
00B0: 45 02 20 54 45 6C 30 4E 05 D9 FB D2 15 DE 68 66 E. TEl0N......hf
00C0: 13 41 0E CD B8 3D D3 50 CB 46 CC DB 2C 8A 5A 7C .A...=.P.F..,.Z.
00D0: 36 3F 5E 02 21 00 BB 2F 10 6A 9B 05 5A E9 1B 18 6?^.!../.j..Z...
00E0: 4A A1 35 65 CF BF 86 5A 89 BC 4A B7 D4 78 77 27 J.5e...Z..J..xw'
00F0: E3 EF 43 9F BC 46 00 76 00 F6 5C 94 2F D1 77 30 ..C..F.v..\./.w0
0100: 22 14 54 18 08 30 94 56 8E E3 4D 13 19 33 BF DF ".T..0.V..M..3..
0110: 0C 2F 20 0B CC 4E F1 64 E3 00 00 01 71 39 B5 3C ./ ..N.d....q9.<
0120: AB 00 00 04 03 00 47 30 45 02 20 45 05 83 F1 28 ......G0E. E...(
0130: 47 61 95 FE 9B A9 BC 31 41 8E ED B2 48 1D A0 5B Ga.....1A...H..[
0140: A5 3F 13 E6 76 BC D2 E6 D3 69 3F 02 21 00 A9 CA .?..v....i?.!...
0150: AB 0C DC 87 DF 25 20 D4 18 CC B0 15 E7 6F 82 F0 .....% ......o..
0160: 65 D9 3D 71 59 35 F8 5F A4 CE 2D 43 AC 5B e.=qY5._..-C.[
#2: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
AuthorityInfoAccess [
[
accessMethod: caIssuers
accessLocation: URIName: http://secure.globalsign.com/cacert/gsorganizationvalsha2g2r1.crt
,
accessMethod: ocsp
accessLocation: URIName: http://ocsp2.globalsign.com/gsorganizationvalsha2g2
]
]
#3: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 96 DE 61 F1 BD 1C 16 29 53 1C C0 CC 7D 3B 83 00 ..a....)S....;..
0010: 40 E6 1A 7C @...
]
]
#4: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:false
PathLen: undefined
]
#5: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: http://crl.globalsign.com/gs/gsorganizationvalsha2g2.crl]
]]
#6: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [1.3.6.1.4.1.4146.1.20]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 26 68 74 74 70 73 3A 2F 2F 77 77 77 2E 67 6C .&https://www.gl
0010: 6F 62 61 6C 73 69 67 6E 2E 63 6F 6D 2F 72 65 70 obalsign.com/rep
0020: 6F 73 69 74 6F 72 79 2F ository/
]] ]
[CertificatePolicyId: [2.23.140.1.2.2]
[] ]
]
#7: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
serverAuth
clientAuth
]
#8: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_Encipherment
]
#9: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
DNSName: baidu.com
DNSName: baifubao.com
DNSName: www.baidu.cn
DNSName: www.baidu.com.cn
DNSName: mct.y.nuomi.com
DNSName: apollo.auto
DNSName: dwz.cn
DNSName: *.baidu.com
DNSName: *.baifubao.com
DNSName: *.baidustatic.com
DNSName: *.bdstatic.com
DNSName: *.bdimg.com
DNSName: *.hao123.com
DNSName: *.nuomi.com
DNSName: *.chuanke.com
DNSName: *.trustgo.com
DNSName: *.bce.baidu.com
DNSName: *.eyun.baidu.com
DNSName: *.map.baidu.com
DNSName: *.mbd.baidu.com
DNSName: *.fanyi.baidu.com
DNSName: *.baidubce.com
DNSName: *.mipcdn.com
DNSName: *.news.baidu.com
DNSName: *.baidupcs.com
DNSName: *.aipage.com
DNSName: *.aipage.cn
DNSName: *.bcehost.com
DNSName: *.safe.baidu.com
DNSName: *.im.baidu.com
DNSName: *.baiducontent.com
DNSName: *.dlnel.com
DNSName: *.dlnel.org
DNSName: *.dueros.baidu.com
DNSName: *.su.baidu.com
DNSName: *.91.com
DNSName: *.hao123.baidu.com
DNSName: *.apollo.auto
DNSName: *.xueshu.baidu.com
DNSName: *.bj.baidubce.com
DNSName: *.gz.baidubce.com
DNSName: *.smartapps.cn
DNSName: *.bdtjrcv.com
DNSName: *.hao222.com
DNSName: *.haokan.com
DNSName: *.pae.baidu.com
DNSName: *.vd.bdstatic.com
DNSName: click.hm.baidu.com
DNSName: log.hm.baidu.com
DNSName: cm.pos.baidu.com
DNSName: wn.pos.baidu.com
DNSName: update.pan.baidu.com
]
#10: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 9E C9 79 D7 E9 5B AB 8A 16 CC 32 8E C6 99 E6 9F ..y..[....2.....
0010: 20 42 35 87 B5.
]
]
是否信任此证书? [否]: 是
证书已添加到密钥库中
C:\WINDOWS\system32>
扫一扫
1542
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
