htmlparser解决PKIX path building failed问题的两种方法

最新推荐文章于 2024-05-08 10:45:31 发布
最新推荐文章于 2024-05-08 10:45:31 发布
阅读量3.8k 收藏 3
点赞数
分类专栏: Java
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/fjssharpsword/article/details/50715659
版权

应用htmlparser访问https网站时,部分网站会出现PKIX path building failed问题,应是ssl未认证(浏览器直接访问可以,可能是保存过对应证书),可从两个方法解决,一个是从目标服务器下载有效证书,另一个是信任所有证书。


方法一:下载有效证书,InstallCert源码如下

/*
 * Copyright 2006 Sun Microsystems, Inc.  All Rights Reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 *   - Redistributions of source code must retain the above copyright
 *     notice, this list of conditions and the following disclaimer.
 *
 *   - Redistributions in binary form must reproduce the above copyright
 *     notice, this list of conditions and the following disclaimer in the
 *     documentation and/or other materials provided with the distribution.
 *
 *   - Neither the name of Sun Microsystems nor the names of its
 *     contributors may be used to endorse or promote products derived
 *     from this software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
 * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
 * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT OWNER OR
 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

import java.io.BufferedReader;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

public class InstallCert {

	public static void main(String[] args) throws Exception {
		String host;
		int port;
		char[] passphrase;
		if ((args.length == 1) || (args.length == 2)) {
			String[] c = args[0].split(":");
			host = c[0];
			port = (c.length == 1) ? 443 : Integer.parseInt(c[1]);
			String p = (args.length == 1) ? "changeit" : args[1];
			passphrase = p.toCharArray();
		} else {
			System.out
					.println("Usage: java InstallCert <host>[:port] [passphrase]");
			return;
		}

		File file = new File("jssecacerts");
		if (file.isFile() == false) {
			char SEP = File.separatorChar;
			File dir = new File(System.getProperty("java.home") + SEP + "lib"
					+ SEP + "security");
			file = new File(dir, "jssecacerts");
			if (file.isFile() == false) {
				file = new File(dir, "cacerts");
			}
		}
		System.out.println("Loading KeyStore " + file + "...");
		InputStream in = new FileInputStream(file);
		KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
		ks.load(in, passphrase);
		in.close();

		SSLContext context = SSLContext.getInstance("TLS");
		TrustManagerFactory tmf = TrustManagerFactory
				.getInstance(TrustManagerFactory.getDefaultAlgorithm());
		tmf.init(ks);
		X509TrustManager defaultTrustManager = (X509TrustManager) tmf
				.getTrustManagers()[0];
		SavingTrustManager tm = new SavingTrustManager(defaultTrustManager);
		context.init(null, new TrustManager[] { tm }, null);
		SSLSocketFactory factory = context.getSocketFactory();

		System.out
				.println("Opening connection to " + host + ":" + port + "...");
		SSLSocket socket = (SSLSocket) factory.createSocket(host, port);
		socket.setSoTimeout(10000);
		try {
			System.out.println("Starting SSL handshake...");
			socket.startHandshake();
			socket.close();
			System.out.println();
			System.out.println("No errors, certificate is already trusted");
		} catch (SSLException e) {
			System.out.println();
			e.printStackTrace(System.out);
		}

		X509Certificate[] chain = tm.chain;
		if (chain == null) {
			System.out.println("Could not obtain server certificate chain");
			return;
		}

		BufferedReader reader = new BufferedReader(new InputStreamReader(
				System.in));

		System.out.println();
		System.out.println("Server sent " + chain.length + " certificate(s):");
		System.out.println();
		MessageDigest sha1 = MessageDigest.getInstance("SHA1");
		MessageDigest md5 = MessageDigest.getInstance("MD5");
		for (int i = 0; i < chain.length; i++) {
			X509Certificate cert = chain[i];
			System.out.println(" " + (i + 1) + " Subject "
					+ cert.getSubjectDN());
			System.out.println("   Issuer  " + cert.getIssuerDN());
			sha1.update(cert.getEncoded());
			System.out.println("   sha1    " + toHexString(sha1.digest()));
			md5.update(cert.getEncoded());
			System.out.println("   md5     " + toHexString(md5.digest()));
			System.out.println();
		}

		System.out
				.println("Enter certificate to add to trusted keystore or 'q' to quit: [1]");
		String line = reader.readLine().trim();
		int k;
		try {
			k = (line.length() == 0) ? 0 : Integer.parseInt(line) - 1;
		} catch (NumberFormatException e) {
			System.out.println("KeyStore not changed");
			return;
		}

		X509Certificate cert = chain[k];
		String alias = host + "-" + (k + 1);
		ks.setCertificateEntry(alias, cert);

		OutputStream out = new FileOutputStream("jssecacerts");
		ks.store(out, passphrase);
		out.close();

		System.out.println();
		System.out.println(cert);
		System.out.println();
		System.out
				.println("Added certificate to keystore 'jssecacerts' using alias '"
						+ alias + "'");
	}

	private static final char[] HEXDIGITS = "0123456789abcdef".toCharArray();

	private static String toHexString(byte[] bytes) {
		StringBuilder sb = new StringBuilder(bytes.length * 3);
		for (int b : bytes) {
			b &= 0xff;
			sb.append(HEXDIGITS[b >> 4]);
			sb.append(HEXDIGITS[b & 15]);
			sb.append(' ');
		}
		return sb.toString();
	}

	private static class SavingTrustManager implements X509TrustManager {

		private final X509TrustManager tm;
		private X509Certificate[] chain;

		SavingTrustManager(X509TrustManager tm) {
			this.tm = tm;
		}

		public X509Certificate[] getAcceptedIssuers() {
			throw new UnsupportedOperationException();
		}

		public void checkClientTrusted(X509Certificate[] chain, String authType)
				throws CertificateException {
			throw new UnsupportedOperationException();
		}

		public void checkServerTrusted(X509Certificate[] chain, String authType)
				throws CertificateException {
			this.chain = chain;
			tm.checkServerTrusted(chain, authType);
		}
	}

}
编译InstallCert.java,然后执行:java InstallCert hostname,比如: java InstallCert www.rizhiyi.com

工程目录下生成jssecacerts证书文件,在parser = new Parser(url)代码前执行

System.setProperty("javax.net.ssl.trustStore", "工程目录/jssecacerts");


方法二:信任所有证书

import java.net.URL;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

import org.htmlparser.Parser;
import org.htmlparser.visitors.TextExtractingVisitor;

public class SslUtils {
	
	private static void trustAllHttpsCertificates() throws Exception {
		TrustManager[] trustAllCerts = new TrustManager[1];
		TrustManager tm = new miTM();
		trustAllCerts[0] = tm;
		SSLContext sc = SSLContext.getInstance("SSL");
		sc.init(null, trustAllCerts, null);
		HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
	}
	
	
	static class miTM implements TrustManager,X509TrustManager {
		public X509Certificate[] getAcceptedIssuers() {
			return null;
		}
		public boolean isServerTrusted(X509Certificate[] certs) {
			return true;
		}
		public boolean isClientTrusted(X509Certificate[] certs) {
			return true;
		}
		public void checkServerTrusted(X509Certificate[] certs, String authType)
				throws CertificateException {
			return;
		}
		public void checkClientTrusted(X509Certificate[] certs, String authType)
				throws CertificateException {
			return;
		}
	}
	
	/**
	 * 忽略HTTPS请求的SSL证书
	* @throws Exception
	 */
	public static void ignoreSsl() throws Exception{
		HostnameVerifier hv = new HostnameVerifier() {
			public boolean verify(String urlHostName, SSLSession session) {
				System.out.println("Warning: URL Host: " + urlHostName + " vs. " + session.getPeerHost());
				return true;
			}
		};
		trustAllHttpsCertificates();
		HttpsURLConnection.setDefaultHostnameVerifier(hv);
	}
	
	public static void main(String[] args) throws Exception {
		
		URL u = new URL("https://www.rizhiyi.com/");
		if("https".equalsIgnoreCase(u.getProtocol())){
			SslUtils.ignoreSsl();
		}
		Parser parser;
		parser = new Parser(u.toString());
		parser.setEncoding("UTF-8");
		TextExtractingVisitor tev=new TextExtractingVisitor();
		parser.visitAllNodesWith(tev);
		String body=tev.getExtractedText();
		System.out.println(body);
	}
}







fjssharpsword
关注
  • 0
    点赞
  • 3
    收藏
    觉得还不错? 一键收藏
  • 1
    评论
专栏目录
网络爬虫遇到的问题解决方法1
08-08
解决方法包括检查 jar 文件位置、重新设置 build path,或者确认所有必要的库都已包含。 8. **异常处理**:`Unreachable catch block for IOException` 表示 catch 块中的异常类型不会在 try 语句中被抛出,需要...
C#下解析HTML的两种方法介绍
09-05
本文将详细介绍两种不同的方法,帮助开发者有效地处理HTML内容。 第一种方法是使用`System.Net.WebClient`类配合正则表达式。`WebClient`类允许我们从指定URL下载网页内容,然后将其存储为字符串。接下来,可以使用...
PKIX path 异常 - 可以使用 Keytools 将服务端的秘钥库导入本地
平塘大鱼儿
06-10 617
异常: PKIX path building failed (公钥绑定失败) 异常场景:使用RPC做远程调用时服务提供端使用了HTTPS 技术,而本地客户端中无任何SSL配置 异常描述:客户端未配置秘钥库,或未配置 HTTPS 链接所需要的 公钥#可以简单粗暴直接改用HTTP,或者麻烦点使用如下HTTPS的方式: 2.如果是本地自行配置的tomcat等web容器后启动的项目,则需要在Web容器中配置相应秘钥,以tomcat为例,需要修改tomcat安装目录/conf/server.xml,修改IDEA里
报错 | PKIX path building failed: ...SunCertPathBuilderException:unable to find valid certification...
野生猿林仔的博客
07-03 2万+
PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target的解决方案。
问题PKIX path building failed unable to find valid certification path to requested target分析
最新发布
gongjin28_csdn的博客
05-08 1028
解决这一问题的核心在于确保Java环境能够信任目标服务器的证书,要么通过确保证书链的有效性和完整性,要么通过手动将所需证书添加到Java的信任存储中。对于生产环境,强烈建议遵循最佳实践,使用权威CA签发的证书,并保持Java环境的安全更新。
serverhttpsecurity 缺少_解决https安全证书缺少的问题
weixin_39878745的博客
12-31 1060
解决PKIX:unable to find valid certification path to target 的问题问题描述这两天上测试服务器的时候突然报这样的异常javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.secur...
证书异常导致:javax.net.ssl.SSLHandshakeException: sun.security.validator
Aikes Blog
10-08 1万+
程序访问Https地址时报错处理
Java:PKIX path building failed: SunCertPathBuilderException解决方法汇总
netyeaxi的专栏
09-15 2393
PKIX path building failed: SunCertPathBuilderException解决方法汇总
C#搜索引擎开发解析HTML的两种方法.doc
06-12
第二种方法是使用第三方库,如`Winista.HtmlParser.Net`。这是一个针对.NET平台的开源HTML解析器,提供了更强大的HTML解析功能。它能更好地处理HTML的复杂性,包括错误修复、标签匹配和内容提取等。下面是一个使用`...
htmlparser.jar 源码加jar包 彻底解决乱码
02-23
这对于开发者来说是一个很大的优势,可以深入理解其工作原理,以便在遇到问题时能快速定位并解决问题。 6. **直接引用**:描述中提到,只需将这个jar包引入项目,即可使用其功能。这意味着HTMLParser.jar的API设计...
htmlparser
07-02
htmlparser [1] 是一个纯的java写的html(标准通用标记语言下的一个应用)解析的库,它不依赖于其它的java库文件,主要用于改造或提取html。
PKIX path building failed
12-07
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
解决PKIX path building failed问题
热门推荐
qq_34778576的博客
09-09 4万+
解决PKIX path building failed问题 PKIX path building failed 通俗讲解 通俗的讲,PKIX path building failed 出现的原因是因为自己的Java环境没有相关网站的证书而导致的 PKIX path building failed 具体内容 PKIX的全称为Public-Key Infrastructure (X.509),通过wiki百科我们可以知道X.509是一种证书的标准,这种标准用在很多网络协议,比如TLS/SSL。而TLS/SSL
解决PKIX path building failed问题以及示例
chenz_yang的博客
08-18 5256
这个是证书出问题了,服务器不信任我们自己创建的证书,所以在代码中必须要忽略证书信任问题解决方法: 第一步:首先创建一个SslUtil工具类,在里面做忽略证书信任操作:import java.security.cert.CertificateException; import java.security.cert.X509Certificate; import javax.net.ssl.Ho
Java#PKIX path building failed
一步一个脚印的专栏
09-29 2万+
2013-09-24 场景 项目对账系统涉及到第三方支付平台交易记录采集,通讯协议为HTTPS单向认证(客户端需要认证支付平台网关是否可信,支付平台网关不在协议层验证客户端是否可任),通讯层主要集成了Apache HttpClient组件。 项目测试过程中在测试环境(Linux)采集过三个月左右交易记录,通讯层这块没有任何问题,项目上线后发现异常日志中抛出大量与此项目相关异常信息,异常信息表
Maven编译打包时报“PKIX path building failed”异常解决方法
truth99的专栏
11-25 2285
[b][size=medium][color=blue] 现在用intellij idea集成开发工具的人越来越多,所以今天我也想弄弄这个开发工具。 在编译maven项目的时候报了一个异常,在网上搜了一些文章最终将问题解决了,在此记录下来方便以后查阅。 [/color][/size][/b] [size=medium] [b]异常代码如下:[/b] [/size] [code="ja...
使用HTMLParser提取网页正文信息的方法
"HTMLParser抽取Web网页正文信息" 在互联网领域,HTMLParser是一个强大的工具,用于解析和处理HTML文档。在浏览Web网页时,通常需要从众多的网页元素中抽取出主要内容,即网页的主题信息,以便快速获取核心内容,...
评论 1
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值