javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building

昨天接到领导布置的任务,与集团旗下一个子公司妙健康做接口开发,他们的接口是https的,因此我采用HttpsURLConnection来建立https网站发起的请求连接,测试demo代码如下:

package com.pcmall;
import java.net.HttpURLConnection;
import java.net.URL;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;


import javax.net.ssl.*;




public class TrustSSL {
    public static void main(String[] args) throws Exception {
    	URL console = new URL("https://xxx.xxx.xxx/xxx/xxx/xxx");
        HttpURLConnection conn = (HttpURLConnection) console.openConnection();
        conn.connect();
        System.out.println(conn.getResponseCode());
    }
}
报如下错误:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

网上百度了一下,说是HTTPS证书过时导致的,我们在这里写一个假的安全验证,则成功解决该问题,解决成功后代码如下:

package com.pcmall;
import java.net.HttpURLConnection;
import java.net.URL;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;


import javax.net.ssl.*;




public class TrustSSL {
    private static class TrustAnyTrustManager implements X509TrustManager {
    
        public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
        }
    
        public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
        }
    
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[]{};
        }
    }
    
    private static class TrustAnyHostnameVerifier implements HostnameVerifier {
        public boolean verify(String hostname, SSLSession session) {
            return true;
        }
    }


    public static void main(String[] args) throws Exception {
    	URL console = new URL("https://xxx.xxx.xxx/xxx/xxx/xxx");
        HttpURLConnection conn = (HttpURLConnection) console.openConnection();
        if (conn instanceof HttpsURLConnection)  {
        	SSLContext sc = SSLContext.getInstance("SSL");
        	sc.init(null, new TrustManager[]{new TrustAnyTrustManager()}, new java.security.SecureRandom());
        	((HttpsURLConnection) conn).setSSLSocketFactory(sc.getSocketFactory());
        	((HttpsURLConnection) conn).setHostnameVerifier(new TrustAnyHostnameVerifier());
        }
        conn.connect();
        System.out.println(conn.getResponseCode());
    }
}
这个方法问了一圈同事,居然没人知道,我很是无语。

评论 2
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值