java 验证客户端证书_如何绕过Java Web服务客户端中的证书检查

时如风逝

于 2021-02-13 07:51:15 发布

阅读量416

点赞数

文章标签： java 验证客户端证书

版权声明：本文为博主原创文章，遵循 CC 4.0 BY-SA 版权协议，转载请附上原文出处链接和本声明。

本文链接：https://blog.csdn.net/weixin_36250058/article/details/114118007

版权

使用案例：

有一个Web服务发布为

https://a.b.c.d/zz?wsdl

我想要做的是查询这个URI,如果我得到一个VALID WSDL,我返回一个布尔“true”否则为“false”.

现在,如果我通过Chrome浏览器访问此URL,我将不得不手动对cert警告进行接受,然后下载WSDL.但是如何通过Java / HttpsURLConnection来做到这一点

import java.net.URL;

import java.io.*;

import javax.net.ssl.HttpsURLConnection;

public class JavaHttpsExample

{

public static void main(String[] args)

throws Exception

{

String httpsURL = "https://a.b.c.d/zz/V2.0/api?wsdl";

URL myurl = new URL(httpsURL);

HttpsURLConnection con = (HttpsURLConnection)myurl.openConnection();

InputStream ins = con.getInputStream();

InputStreamReader isr = new InputStreamReader(ins);

BufferedReader in = new BufferedReader(isr);

String inputLine;

while ((inputLine = in.readLine()) != null)

{

System.out.println(inputLine);

}

in.close();

}

}

我收到一个错误：

Exception in thread “main” javax.net.ssl.SSLHandshakeException:

java.security.cert.CertificateException: No subject alternative names

matching IP address a.b.c.d found at

com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source)

at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)

at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)

at

com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown

Source) at

com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown

Source) at

com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)

at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown

Source) at

com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)

at

com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown

Source) at

com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown

Source) at

com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown

Source) at

sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)

at

sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown

Source) at

sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown

Source) at

sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown

Source) at JavaHttpsExample.main(JavaHttpsExample.java:14) Caused by:

java.security.cert.CertificateException: No subject alternative names

matching IP address a.b.c.d found at

sun.security.util.HostnameChecker.matchIP(Unknown Source) at

sun.security.util.HostnameChecker.match(Unknown Source) at

com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkIdentity(Unknown

Source) at

com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown

Source)

我用a.b.c.d替换了真正的IP(当然)

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
java 验证客户端证书_如何绕过Java Web服务客户端中的证书检查

使用案例：有一个Web服务发布为https://a.b.c.d/zz?wsdl我想要做的是查询这个URI,如果我得到一个VALID WSDL,我返回一个布尔“true”否则为“false”.现在,如果我通过Chrome浏览器访问此URL,我将不得不手动对cert警告进行接受,然后下载WSDL.但是如何通过Java / HttpsURLConnection来做到这一点import java.net....
复制链接

扫一扫

评论

被折叠的条评论为什么被折叠?

到【灌水乐园】发言

查看更多评论

添加红包

成就一亿技术人!

hope_wisdom

发出的红包

实付元

使用余额支付

点击重新获取

扫码支付

钱包余额 0

抵扣说明：

1.余额是钱包充值的虚拟货币，按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载，可以购买VIP、付费专栏及课程。