Https请求异常:javax.net.ssl.SSLHandshakeException

最新推荐文章于 2024-04-23 18:33:57 发布
最新推荐文章于 2024-04-23 18:33:57 发布
阅读量693 收藏 1
点赞数
通过HttpClient对https协议的url发出请求,产生异常:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: basic constraints check failed: pathLenConstraint violated - this cert must be the last cert in the certification path 
是由于Java安全性策略导致,解决方法有导入cert证书和改变安全策略,选择第二种通过代码改变安全性,无条件接受所有证书,加两个类、两行代码:
类一:
import java.io.IOException;
import java.net.InetAddress;
import java.net.Socket;
import java.net.UnknownHostException;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import org.apache.commons.httpclient.ConnectTimeoutException;
import org.apache.commons.httpclient.HttpClientError;
import org.apache.commons.httpclient.params.HttpConnectionParams;
import org.apache.commons.httpclient.protocol.ControllerThreadSocketFactory;
import org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory;
public class MySecureProtocolSocketFactory implements
  SecureProtocolSocketFactory {
 private SSLContext sslContext = null;
 /**
  * Constructor for MySecureProtocolSocketFactory.
  */
 public MySecureProtocolSocketFactory() {
 }
 /**
  *
  * @return
  */
 private static SSLContext createEasySSLContext() {
  try {
   SSLContext context = SSLContext.getInstance("SSL");
   context.init(null, new TrustManager[] { new MyX509TrustManager() },
     null);
   return context;
  } catch (Exception e) {
   throw new HttpClientError(e.toString());
  }
 }
 /**
  *
  * @return
  */
 private SSLContext getSSLContext() {
  if (this.sslContext == null) {
   this.sslContext = createEasySSLContext();
  }
  return this.sslContext;
 }
 /*
  * (non-Javadoc)
  *
  * @see org.apache.commons.httpclient.protocol.ProtocolSocketFactory#createSocket(java.lang.String,
  *      int, java.net.InetAddress, int)
  */
 public Socket createSocket(String host, int port, InetAddress clientHost,
   int clientPort) throws IOException, UnknownHostException {
  return getSSLContext().getSocketFactory().createSocket(host, port,
    clientHost, clientPort);
 }
 /*
  * (non-Javadoc)
  *
  * @see org.apache.commons.httpclient.protocol.ProtocolSocketFactory#createSocket(java.lang.String,
  *      int, java.net.InetAddress, int,
  *      org.apache.commons.httpclient.params.HttpConnectionParams)
  */
 public Socket createSocket(final String host, final int port,
   final InetAddress localAddress, final int localPort,
   final HttpConnectionParams params) throws IOException,
   UnknownHostException, ConnectTimeoutException {
  if (params == null) {
   throw new IllegalArgumentException("Parameters may not be null");
  }
  int timeout = params.getConnectionTimeout();
  if (timeout == 0) {
   return createSocket(host, port, localAddress, localPort);
  } else {
   return ControllerThreadSocketFactory.createSocket(this, host, port,
     localAddress, localPort, timeout);
  }
 }
 /*
  * (non-Javadoc)
  *
  * @see SecureProtocolSocketFactory#createSocket(java.lang.String,int)
  */
 public Socket createSocket(String host, int port) throws IOException,
   UnknownHostException {
  return getSSLContext().getSocketFactory().createSocket(host, port);
 }
 /*
  * (non-Javadoc)
  *
  * @see SecureProtocolSocketFactory#createSocket(java.net.Socket,java.lang.String,int,boolean)
  */
 public Socket createSocket(Socket socket, String host, int port,
   boolean autoClose) throws IOException, UnknownHostException {
  return getSSLContext().getSocketFactory().createSocket(socket, host,
    port, autoClose);
 }
}
类二:
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.X509TrustManager;
public class MyX509TrustManager implements X509TrustManager {
 /*
  * (non-Javadoc)
  *
  * @see javax.net.ssl.X509TrustManager#checkClientTrusted(java.security.cert.X509Certificate[],
  *      java.lang.String)
  */
 public void checkClientTrusted(X509Certificate[] arg0, String arg1)
   throws CertificateException {
 }
 /*
  * (non-Javadoc)
  *
  * @see javax.net.ssl.X509TrustManager#checkServerTrusted(java.security.cert.X509Certificate[],
  *      java.lang.String)
  */
 public void checkServerTrusted(X509Certificate[] arg0, String arg1)
   throws CertificateException {
 }
 /*
  * (non-Javadoc)
  *
  * @see javax.net.ssl.X509TrustManager#getAcceptedIssuers()
  */
 public X509Certificate[] getAcceptedIssuers() {
  return null;
 }

 两行代码:
HttpClient请求之前,加
//接受所有的安全证书
  ProtocolSocketFactory fcty = new MySecureProtocolSocketFactory();
  Protocol.registerProtocol("https", new Protocol("https", fcty, 443)); 
thinking_hunter
关注
  • 0
    点赞
  • 1
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
解决javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path
u013816904的博客
11-27 7158
参考博客:https://blog.csdn.net/u014256984/article/details/73330573 1、新建一个空的InstallCert.java 文件,用notepad++打开 2、复制下面的代码到文件里面,保存 /*  * Copyright 2006 Sun Microsystems, Inc.  All Rights Reserved.  *  * Red...
javax.net.ssl.SSLHandshakeException报错问题解决方法(亲测有效)
最新发布
07-02 487
解决java获取https地址内容,遇到的证书验证问题
java.lang.RuntimeException: javax.net.ssl.SSLHandshakeException: PKIX path validation failed
weixin_54348877的博客
10-14 3555
原因:java.lang.RuntimeException: javax.net.ssl.SSLHandshakeException: PKIX path validation failed(更多错误信息在后面)继续查看发现现在时间为2022-10-16,测试那边的时间为2033-10-16,微信那边判定有问题,于是不显示推送。背景:写的微信推送公众号消息方法,测试的时候没有收到对应的微信公众号推送。分析:查看日志,发现不是自己写的方法有报错,自己写的方法非常顺畅。图为自己写的代码方法与调用微信的行。
神奇的错误javax.net.ssl.SSLHandshakeException
热门推荐
小嘞嘞的专栏
06-21 1万+
今天在部署程序的时候遇到一个错误,找了半天也不知道是什么原因,因为在本地运行是没有问题的,报的异常是: 最后同事问了我一个问题:服务器的时间是哪天? 期初我在部署程序的时候真的注意到了,服务器的时间不太对劲,但是并没有觉得他会影响程序的运行,于是我又到服务器上看了眼时间,竟然是2002年1月份,才想到前天服务器重新做系统了,我将时间修正后,重启程序,果然
jenkinsjavax.net.ssl.SSLHandshakeException: PKIX path validation failed: java.security.cert.CertPath
weixin_46519031的博客
03-15 1402
javax.net.ssl.SSLHandshakeException: PKIX path validation failed: java.security.cert.CertPathValidatorException: validity check failed
JAVA_HOME报错javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException
w2909526的博客
01-11 2791
由于支付项目出现这种报错 javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Certificates does not conform to algorithm constraints 最终查找原因是java7/8添加了安全机制 导致md5验签问题 解决方法: 把JAVA_HOME/jr...
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure的一个解决方案-附件资源
03-05
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure的一个解决方案-附件资源
url.openStream报错javax.net.ssl.SSLHandshakeException解决(忽略ssl证书方式)
02-23
访问带https请求忽略ssl证书,避免url.openStream报错javax.net.ssl.SSLHandshakeException url = new URL(imageUrl); if("https".equalsIgnoreCase(url.getProtocol())){ SslUtils.ignoreSsl(); } //不添加...
java.security.cert.CertificateException: No subject alternative DNS name matching XXX found解决方案
12-21
public class TrustAllTrustManager implements javax.net.ssl.TrustManager, javax.net.ssl.X509TrustManager { @Override public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; ...
Java实现的Https请求工具类
04-09
首先,要实现HTTPS请求,我们需要导入Java的`java.net`和`javax.net.ssl`包,这两个包提供了处理网络连接和SSL/TLS安全协议的类。以下是一些关键步骤: 1. **创建SSLContext对象**:SSLContext是SSL/TLS协议的核心...
HTTPS请求+java
02-18
如果遇到服务器使用自签名证书或者非标准证书,Java可能会抛出`javax.net.ssl.SSLHandshakeException`。这时,可以通过重写`javax.net.ssl.HostnameVerifier`和`javax.net.ssl.SSLSocketFactory`来接受非标准证书。 ...
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative
qq_53612179的博客
04-23 267
我遇到报这个错是因为需要把图片取出来转为base64编码,使用freemarker导出为Word时图片位置需要将图片转为base64编码,由于图片放置与内网且保存地址是https形式的,所以就会报证书错误,这里就需要我们手动去忽略证书问题;
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException:No subject alternative
weixin_53273474的博客
10-28 2276
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException:No subject alternative names present解决方案。
Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: java.securi
weixin_46311652的博客
11-17 1558
Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: Path does not chain with any of the trust anchors
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternat...
qq_24850045的博客
12-14 4514
问题原因 访问https的网站,没有携带证书 解决方案 一、忽略证书 public RestTemplate dtRestTemplate() { RestTemplate restTemplate = null; try { SSLContext sslContext = SSLContext.getInstance("TLSv1.2"); sslContext.init(null, disableSslCheck(), ne
mysql连接池报错javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException
weixin_39133501的博客
07-02 3695
mysql连接池报错javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException 环境: mysql:5.7.29 spring:5.1.9 数据库配置如下: jdbc.url=jdbc:mysql://localhost:3306/db01?useSSL=true&useUnicode=true&characterEncoding=utf8 报错如下: The last packet succes
解决 javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException
qq_41913923的博客
09-26 3054
com.mysql.jdbc.exceptions.jdbc4.CommunicationsException: Communications link failure The last packet successfully received from the server was 1,234 milliseconds ago. The last packet sent successfully to the server was 1,224 milliseconds ago. at sun.ref
报错:Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: java.sec
qq_42803467的博客
08-15 1820
在进行单元测试发现Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: java.sec 解决方法: "jdbc:mysql://127.0.0.1:3306/java_16blogdemo?characterEncoding=utf-8&useSSL=true"; 将上面的useSSL改为false即可 。 "C:\Program Files (x86)\Jav
https javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException:
09-21
引用:HTTP Status 500 - javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find ... 引用:Java Spring应用发送数据报如下问题。 javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target 原因分析: 引用:用httpclient访问https资源时,会出现异常,与环境也有关系,有些机器请求正常。 解决方案: 在HTTPS通信中,当Java程序尝试与服务端建立安全连接时,会进行SSL握手过程。如果在握手过程中出现异常javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException,可能是由于证书验证失败导致的。这种异常通常有两种原因:一是服务端证书不被信任,二是客户端无法找到合适的证书链。 解决这个问题的方法有以下几种: 1. 信任自签名证书:可以通过自定义TrustManager来信任自签名的证书。但这种方法存在安全风险,因为所有的自签名证书都会被信任。 2. 导入服务端证书:可以将服务端的证书导入到Java的信任证书库中,以确保它被信任。可以使用keytool工具将证书导入到Java信任库中。 3. 禁用证书验证:在开发环境中,可以禁用证书验证来避免这个问题。但在生产环境中不建议这样做,因为会降低通信的安全性。
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值