问题:
出现
HttpClientssun.security.validator.ValidatorException:
错误
我的报错是:使用HttpClients
出现sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: timestamp check failed
意思大概就是由于网站安全证书已到期或者还未生效造成页面无法访问。
方法:
1.是导入网站的证书
不过如果问题来源是人家的证书到期了,就…,所以我直接没考虑,也不可能以后遇到错误就去网站下载证书,怪麻烦,还不如复制代码来的轻松
2.跳过网站安全(ssl)检查(意思差不多)
2.1)继承DefaultHttpClient(不过DefaultHttpClient已经被废弃了)
来由:由于
HttpClient
的jar
包的版本更新升级,从httpclient 4.2.5
版本之后的jar包就不再支持DefaultHttpClient
了
package com.lucun.wltour.ota.muniao.utils;
import java.security.cert.CertificateException;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.apache.http.conn.ClientConnectionManager;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.scheme.SchemeRegistry;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.impl.client.DefaultHttpClient;
public class SSLClient extends DefaultHttpClient {
public SSLClient() throws Exception{
super();
SSLContext ctx = SSLContext.getInstance("TLS");
ctx.init(null, getTrustingManager(), null);
SSLSocketFactory ssf = new SSLSocketFactory(ctx,SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
ClientConnectionManager ccm = this.getConnectionManager();
SchemeRegistry sr = ccm.getSchemeRegistry();
sr.register(new Scheme("https", 443, ssf));
}
private static TrustManager[] getTrustingManager() {
TrustManager[] trustAllCerts = new TrustManager[] {
new X509TrustManager() {
@Override
public void checkClientTrusted(java.security.cert.X509Certificate[] x509Certificates, String s) throws CertificateException {}
@Override
public void checkServerTrusted(java.security.cert.X509Certificate[] x509Certificates, String s) throws CertificateException {}
@Override
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
}
};
return trustAllCerts;
}
}
连接的操作
/**
* @param url 访问网址
* @param param 请求参数json格式
* @param charset 编码一般为utf-8
* @return
*/
public String send1(String url, String param, String charset){
HttpClient httpClient = null;
HttpPost httpPost = null;
String result = null;
if (null == charset || "".equals(charset)){
charset = "utf-8";
}
try{
httpClient = new SSLClient();
httpPost = new HttpPost(url);
httpPost.setHeader("Content-Type", "application/json");
StringEntity stringEntity = new StringEntity(param, "utf-8");
httpPost.setEntity(stringEntity);
HttpResponse response = httpClient.execute(httpPost);
if(response != null){
HttpEntity resEntity = response.getEntity();
if(resEntity != null){
result = EntityUtils.toString(resEntity,charset);
}
}
}catch(Exception e){
e.printStackTrace();
}
return result;
}
2.2) 实现X509TrustManager接口
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.apache.http.impl.client.DefaultHttpClient;
public class SSLClient extends DefaultHttpClient {
//绕过验证
public static SSLContext createIgnoreVerifySSL() throws NoSuchAlgorithmException, KeyManagementException {
SSLContext sc = SSLContext.getInstance("SSLv3");
// 实现一个X509TrustManager接口,用于绕过验证,不用修改里面的方法
X509TrustManager trustManager = new X509TrustManager() {
@Override
public void checkClientTrusted(
java.security.cert.X509Certificate[] paramArrayOfX509Certificate,
String paramString) throws CertificateException {
}
@Override
public void checkServerTrusted(
java.security.cert.X509Certificate[] paramArrayOfX509Certificate,
String paramString) throws CertificateException {
}
@Override
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
};
sc.init(null, new TrustManager[] { trustManager }, null);
return sc;
}
}
连接网站的操作
/**
* @param url 访问网址
* @param param 请求参数json格式
* @param charset 编码一般为utf-8
* @return
*/
public String send1(String url, String param, String charset){
HttpClient httpClient = null;
HttpPost httpPost = null;
String result = null;
if (null == charset || "".equals(charset)){
charset = "utf-8";
}
try{
SSLContext sslcontext = SSLClient.createIgnoreVerifySSL();
// 设置协议http和https对应的处理socket链接工厂的对象
Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create()
.register("http", PlainConnectionSocketFactory.INSTANCE)
.register("https", new SSLConnectionSocketFactory(sslcontext))
.build();
PoolingHttpClientConnectionManager connManager = new PoolingHttpClientConnectionManager(socketFactoryRegistry);
httpClient = HttpClients.custom().setConnectionManager(connManager).build();
httpPost = new HttpPost(url);
httpPost.setHeader("Content-Type", "application/json");
StringEntity stringEntity = new StringEntity(param, "utf-8");
httpPost.setEntity(stringEntity);
HttpResponse response = httpClient.execute(httpPost);
if(response != null){
HttpEntity resEntity = response.getEntity();
if(resEntity != null){
result = EntityUtils.toString(resEntity,charset);
}
}
}catch(Exception e){
e.printStackTrace();
}
return result;
}