javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternat...

最新推荐文章于 2024-04-23 18:33:57 发布

慢慢来不着急哟

最新推荐文章于 2024-04-23 18:33:57 发布

阅读量4.3k

点赞数

分类专栏： http开发文章标签： java ssl .net

本文链接：https://blog.csdn.net/qq_24850045/article/details/121927812

版权

http开发专栏收录该内容

5 篇文章 0 订阅

订阅专栏

问题原因

访问https的网站，没有携带证书

解决方案

一、忽略证书

public RestTemplate dtRestTemplate() {
        RestTemplate restTemplate = null;
        try {
            SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
            sslContext.init(null, disableSslCheck(), new java.security.SecureRandom());
            HostnameVerifier hostnameVerifier = NoopHostnameVerifier.INSTANCE;
            SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext, hostnameVerifier);
            RequestConfig requestConfig = RequestConfig.custom()
                .setConnectTimeout(TIMEOUT)
                .setConnectionRequestTimeout(TIMEOUT)
                .setSocketTimeout(TIMEOUT)
                .build();
            CloseableHttpClient sslInsecureClient = HttpClients.custom()
                .setDefaultRequestConfig(requestConfig)
                .setSSLSocketFactory(sslsf)
                .build();

            HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory();

            requestFactory.setHttpClient(sslInsecureClient);
            restTemplate = new RestTemplate(requestFactory);
        } catch (Exception ex) {
            LOG.error("restTemplate create failed:" + ex.getMessage());
        }
        return restTemplate;
    }

    private static TrustManager[] disableSslCheck() {
        return new TrustManager[] {
                new X509TrustManager() {
                    @Override
                    public void checkClientTrusted(X509Certificate[] chain, String authType)
                            throws CertificateException {
                    }

                    @Override
                    public void checkServerTrusted(X509Certificate[] chain, String authType)
                            throws CertificateException {
                    }

                    @Override
                    public X509Certificate[] getAcceptedIssuers() {
                        return new X509Certificate[0];
                    }
                }
        };
    }

二、获取对应网站的证书


public RestTemplate restTemplate() {
        RestTemplate restTemplate = null;
        CloseableHttpClient sslInsecureClient = null;
        try {
            SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
            sslContext.init(null, getTrustManagerFactory().getTrustManagers(), new java.security.SecureRandom());
            HostnameVerifier hostnameVerifier = NoopHostnameVerifier.INSTANCE;
            SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext, hostnameVerifier);
            RequestConfig requestConfig = RequestConfig.custom()
                .setConnectTimeout(TIMEOUT)
                .setSocketTimeout(TIMEOUT)
                .setConnectionRequestTimeout(TIMEOUT)
                .build();
            sslInsecureClient = HttpClients.custom()
                .setSSLSocketFactory(sslsf)
                .setDefaultRequestConfig(requestConfig)
                .build();

            HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory();
            requestFactory.setHttpClient(sslInsecureClient);
            restTemplate = new RestTemplate(requestFactory);
        } catch (Exception ex) {
            LOG.error("create failed:", ex);
            if (!Objects.isNull(sslInsecureClient)) {
                try {
                    sslInsecureClient.close();
                } catch (IOException exx) {
                    LOG.error("close failed:", exx);
                }
            }
        }
        return restTemplate;
    }

 private static TrustManagerFactory getTrustManagerFactory() throws Exception {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(
            TrustManagerFactory.getDefaultAlgorithm());
        InputStream inputStream = null;
        try {
            inputStream = RestTemplateConfig.class.getClassLoader().getResourceAsStream("证书地址");
            keyStore.load(inputStream, null);
            trustManagerFactory.init(keyStore);
        } catch (FileNotFoundException ex) {
            LOG.error("load key store file failed");
        } finally {
            if (inputStream != null) {
                inputStream.close();
            }
        }
        return trustManagerFactory;
    }

慢慢来不着急哟

关注

0
点赞
踩
4

收藏

觉得还不错? 一键收藏
0
评论
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternat...

问题原因访问https的网站，没有携带证书解决方案一、忽略证书public RestTemplate dtRestTemplate() { RestTemplate restTemplate = null; try { SSLContext sslContext = SSLContext.getInstance("TLSv1.2"); sslContext.init(null, disableSslCheck(), ne
复制链接

扫一扫