使用案例:
有一个Web服务发布为
https://a.b.c.d/zz?wsdl
我想要做的是查询这个URI,如果我得到一个VALID WSDL,我返回一个布尔“true”否则为“false”.
现在,如果我通过Chrome浏览器访问此URL,我将不得不手动对cert警告进行接受,然后下载WSDL.但是如何通过Java / HttpsURLConnection来做到这一点
import java.net.URL;
import java.io.*;
import javax.net.ssl.HttpsURLConnection;
public class JavaHttpsExample
{
public static void main(String[] args)
throws Exception
{
String httpsURL = "https://a.b.c.d/zz/V2.0/api?wsdl";
URL myurl = new URL(httpsURL);
HttpsURLConnection con = (HttpsURLConnection)myurl.openConnection();
InputStream ins = con.getInputStream();
InputStreamReader isr = new InputStreamReader(ins);
BufferedReader in = new BufferedReader(isr);
String inputLine;
while ((inputLine = in.readLine()) != null)
{
System.out.println(inputLine);
}
in.close();
}
}
我收到一个错误:
Exception in thread “main” javax.net.ssl.SSLHandshakeException:
java.security.cert.CertificateException: No subject alternative names
matching IP address a.b.c.d found at
com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown
Source) at
com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown
Source) at
com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown
Source) at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown
Source) at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown
Source) at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown
Source) at
sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
at
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown
Source) at
sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown
Source) at
sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown
Source) at JavaHttpsExample.main(JavaHttpsExample.java:14) Caused by:
java.security.cert.CertificateException: No subject alternative names
matching IP address a.b.c.d found at
sun.security.util.HostnameChecker.matchIP(Unknown Source) at
sun.security.util.HostnameChecker.match(Unknown Source) at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkIdentity(Unknown
Source) at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown
Source)
我用a.b.c.d替换了真正的IP(当然)