如何处理httpclient的ssl错误

版权声明:本文为博主原创文章,遵循 CC 4.0 by-sa 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/Paul_Huang_2011/article/details/72858909

今天使用httpclient 4.5,爬取https网站时报错:

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
        at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1627)
        at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:204)
        at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:198)
        at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:994)
        at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:142)
        at sun.security.ssl.Handshaker.processLoop(Handshaker.java:533)
        at sun.security.ssl.Handshaker.process_record(Handshaker.java:471)
        at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:904)
        at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1132)
        at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:643)
        at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:78)
        at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82)
        at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140)
        at org.apache.commons.httpclient.HttpConnection.flushRequestOutputStream(HttpConnection.java:828)
        at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2116)
        at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)
        at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
        at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
        at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
        at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)
        at simpleapachehttp.Main.main(Main.java:41)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:302)
        at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:205)
        at sun.security.validator.Validator.validate(Validator.java:235)
        at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:147)
        at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:230)
        at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:270)
        at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:973)
        ... 17 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:191)
        at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:255)
        at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:297)
        ... 23 more

网上搜索时,各种答案,最后采用下列方法解决:

org.apache.http.ssl.SSLContextBuilder context_b = SSLContextBuilder.create();
        context_b.loadTrustMaterial(new org.apache.http.conn.ssl.TrustSelfSignedStrategy());
        SSLContext ssl_context = context_b.build();
        org.apache.http.conn.ssl.SSLConnectionSocketFactory sslSocketFactory = new SSLConnectionSocketFactory(ssl_context,
                new org.apache.http.conn.ssl.DefaultHostnameVerifier());

        HttpClientBuilder builder = HttpClients.custom()
            .setSSLSocketFactory(sslSocketFactory);
        httpclient = builder.build();

展开阅读全文

httpClient 有关SSL证书的处理

01-13

avax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested targetrn at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)rn at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source)rn at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)rn at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)rn at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown Source)rn at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)rn at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)rn at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)rn at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)rn at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)rn at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(Unknown Source)rn at com.sun.net.ssl.internal.ssl.AppOutputStream.write(Unknown Source)rn at java.io.BufferedOutputStream.flushBuffer(Unknown Source)rn at java.io.BufferedOutputStream.flush(Unknown Source)rn at org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:506)rn at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2114)rn at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)rn at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)rn at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)rn at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)rn at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)rn at com.leg3s.comm.utils.AppHttpClient.execute(AppHttpClient.java:82)rn at com.leg3s.comm.utils.AppHttpClient.executeHttpMethod(AppHttpClient.java:63)rn at com.leg3s.pay.ring.utils.RingPayThread.run(RingPayThread.java:43)rn at java.lang.Thread.run(Unknown Source)rnCaused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested targetrn at sun.security.validator.PKIXValidator.doBuild(Unknown Source)rn at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)rn at sun.security.validator.Validator.validate(Unknown Source)rn at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(Unknown Source)rn at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)rn at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)rn ... 21 morernCaused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested targetrn at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)rn at java.security.cert.CertPathBuilder.build(Unknown Source)rn ... 27 morernrn在用httpClient访问网站的时候出现以上错误,在网上搜了一下,rn处理的方法大概是先获取证书生成相应文件,然后再加载。rn我想问一下httpClient的自动处理的方法,或者有没有相关的组件可以自动处理? 论坛

java中的httpclientSSL出错

02-15

我直接下载最新版的httpclient,直接复制的示例中的代码,只是把网址换成我自己想要的网址.并且,在我电脑中,在办公室服务器里测试都通过,但上传上机房服务器里面就出错了.rnrnjava代码rn[code="java"]rnrn public void login()rn rn tryrn rn //初始化 httpclientrn DefaultHttpClient httpclient = new DefaultHttpClient();rn //设置证书rn httpclient.getConnectionManager().getSchemeRegistry().register(sch);rn String url = "login.jsp";rn HttpPost httpost = new HttpPost(url);rn print("准备登陆网站,网址:"+url);rn List nvps = new ArrayList ();rn nvps.add(new BasicNameValuePair("actionName", "login"));rn nvps.add(new BasicNameValuePair("login_password", "11"));rn nvps.add(new BasicNameValuePair("login_user", "111")); rn httpost.setEntity(new UrlEncodedFormEntity(nvps, HTTP.UTF_8));rn HttpResponse response = httpclient.execute(httpost);rn String statusLine = response.getStatusLine().toString();rn print("得到网页打开状态"+statusLine);rn if(statusLine.equals("HTTP/1.1 200 OK"))rn rn rn rn rn /*rn * 设置SSL证书rn */rn public void setSSL()rn rn tryrn rn KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); rn String p = System.getProperty("user.dir")+"/my.key";rn print(p);rn FileInputStream instream = new FileInputStream(new File(p)); rn try rn trustStore.load(instream, "123456".toCharArray());rn catch(Exception e)rn rn e.printStackTrace();rn rn finally rn instream.close();rn rn SSLSocketFactory socketFactory = new SSLSocketFactory(trustStore);rn sch = new Scheme("https", socketFactory, 443);rn rn catch(Exception e)rn rn e.printStackTrace();rn rn rn[/code]rnrn程序出错提示rn[code="java"]rnjavax.net.ssl.SSLPeerUnverifiedException: peer not authenticatedrn at sun.security.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:371)rn at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)rn at org.apache.http.conn.ssl.SSLSocketFactory.createSocket(SSLSocketFactory.java:399)rn at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:143)rn at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:149)rn at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:108)rn at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:415)rn at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:641)rn at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:576)rn at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:554)rn at login(login.java:89)rn[/code] 问答

没有更多推荐了,返回首页