异常信息:javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target。
异常信息说明:源程序请求目标程序,目标程序的证书源程序不信任。
处理方案:
一、将目标程序的证书加入到本地项目的jre的证书库。
1、导出目标地址的域名证书。
例如:
2、进入jre安装目录的证书存放位置。
cd C:\Program Files\Java\jdk1.8.0_251\jre\lib\security
C:\Program Files\Java\jdk1.8.0_251\jre\lib\security
C:\Program Files\Java\jre1.8.0_251\lib\security
3、导入目标域名的证书到当前目录下,root用户
keytool -import -alias abc -keystore cacerts -file D://aaa.cer
4、查看证书
keytool -list -keystore cacerts -alias aaa
二、源程序请求时信任所有的目标程序证书。
代码层级-调用:
Log.info("调用电商五要素接口请求报文:{}", JSON.toJSONString(requestBase));
//result = HttpClientUtil.doPostJson(url, JSON.toJSONString(requestBase), 10000);
result = HttpClientUtil.doPost(url, JSON.toJSONString(requestBase));
Log.info("调用电商五要素接口返回报文:{}",result);
代码层级-请求:
package com.sinosoft.eflex.service;
import org.apache.commons.lang.StringUtils;
import org.apache.http.HttpEntity;
import org.apache.http.NameValuePair;
import org.apache.http.ParseException;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.message.BasicHeader;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.ssl.SSLContextBuilder;
import org.apache.http.util.EntityUtils;
import javax.net.ssl.SSLContext;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
/**
* 问题:源程序请求目标程序,目标程序的证书源程序不信任。
* javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
*/
public class HttpClientUtil {
private static CloseableHttpClient httpClient;
/**
* 信任SSL证书
*/
static {
try {
SSLContext sslContext = SSLContextBuilder.create().useProtocol(SSLConnectionSocketFactory.SSL).loadTrustMaterial((x, y) -> true).build();
RequestConfig config = RequestConfig.custom().setConnectTimeout(5000).setSocketTimeout(5000).build();
httpClient = HttpClientBuilder.create().setDefaultRequestConfig(config).setSSLContext(sslContext).setSSLHostnameVerifier((x, y) -> true).build();
} catch (Exception e) {
e.printStackTrace();
}
}
/**
* post请求
* @param url
* @param params
* @return
*/
public static String doPost(String url, Map<String, String> params) {
if (StringUtils.isBlank(url)) {
return null;
}
try {
List<NameValuePair> pairs = null;
if (params != null && !params.isEmpty()) {
pairs = new ArrayList<>(params.size());
for (Map.Entry<String, String> entry : params.entrySet()) {
String value = entry.getValue();
if (value != null) {
pairs.add(new BasicNameValuePair(entry.getKey(), value));
}
}
}
HttpPost httpPost = new HttpPost(url);
if (pairs != null && pairs.size() > 0) {
httpPost.setEntity(new UrlEncodedFormEntity(pairs, "utf-8"));
}
CloseableHttpResponse response = httpClient.execute(httpPost);
int statusCode = response.getStatusLine().getStatusCode();
if (statusCode != 200) {
httpPost.abort();
throw new RuntimeException("HttpClient is error status code :"
+ statusCode);
}
HttpEntity entity = response.getEntity();
String result = null;
if (entity != null) {
result = EntityUtils.toString(entity, "utf-8");
}
EntityUtils.consume(entity);
response.close();
return result;
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
/**
* post请求 发送json格式的报文 StringEntity
* @param url
* @param jsonString
* @return
*/
public static String doPost(String url, String jsonString) {
if (StringUtils.isBlank(url)) {
return null;
}
try {
HttpPost httpPost = new HttpPost(url);
StringEntity stringEntity = new StringEntity(jsonString, "utf-8");
stringEntity.setContentType("application/json");
httpPost.setEntity(stringEntity);
CloseableHttpResponse response = httpClient.execute(httpPost);
int statusCode = response.getStatusLine().getStatusCode();
if (statusCode != 200) {
httpPost.abort();
throw new RuntimeException("HttpClient is error status code :"
+ statusCode);
}
HttpEntity entity = response.getEntity();
String result = null;
if (entity != null) {
result = EntityUtils.toString(entity, "utf-8");
}
EntityUtils.consume(entity);
response.close();
return result;
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
}