javax.net.ssl.SSLHandshakeException: sun.security.validator 问题解决,与环境有关

用httpclient访问https 资源时,会出现异常,与环境也有关系，有些机器请求正常.

 

 错误详情：

Java代码  

1. javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target  
2.         at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)  
3.         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1623)  
4.         at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:198)  
5.         at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:192)  
6.         at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1074)  
7.         at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:128)  
8.         at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:529)  
9.         at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:465)  
10.         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884)  
11.         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1120)  
12.         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1147)  
13.         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1131)  
14.         at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:434)  
15.         at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166)  
16.         at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1049)  
17.         at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234)  
18.         at com.msd.payCenter.msdPay.yeePay.util.HttpUtils.URLGet(HttpUtils.java:67)  
19.         at com.msd.payCenter.msdPay.yeePay.service.impl.YeePayServiceImpl.yeeAutoCheckOrder(YeePayServiceImpl.java:298)  
20.         at com.msd.payCenter.msdPay.AutoCheckOrderServiceImpl.autoCheckOrder(AutoCheckOrderServiceImpl.java:83)  
21.         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)  

 

 

解决方法：

增加一个自己的https协议类 MySSLSocketFactory.java

 

 

Java代码  

1. package com.nassir.hc3;  
2.   
3. import java.io.IOException;  
4. import java.net.InetAddress;  
5. import java.net.InetSocketAddress;  
6. import java.net.Socket;  
7. import java.net.SocketAddress;  
8. import java.net.UnknownHostException;  
9. import java.security.KeyManagementException;  
10. import java.security.NoSuchAlgorithmException;  
11. import java.security.cert.CertificateException;  
12. import java.security.cert.X509Certificate;  
13.   
14. import javax.net.SocketFactory;  
15. import javax.net.ssl.SSLContext;  
16. import javax.net.ssl.TrustManager;  
17. import javax.net.ssl.X509TrustManager;  
18.   
19. import org.apache.commons.httpclient.ConnectTimeoutException;  
20. import org.apache.commons.httpclient.params.HttpConnectionParams;  
21. import org.apache.commons.httpclient.protocol.ProtocolSocketFactory;  
22.   
23. public class MySSLSocketFactory implements ProtocolSocketFactory {  
24.     static {  
25.         System.out.println(">>>>in MySSLSocketFactory>>");  
26.     }  
27.     private SSLContext sslcontext = null;  
28.   
29.     private SSLContext createSSLContext() {  
30.         SSLContext sslcontext = null;  
31.         try {  
32.             sslcontext = SSLContext.getInstance("SSL");  
33.             sslcontext.init(null,  
34.                     new TrustManager[] { new TrustAnyTrustManager() },  
35.                     new java.security.SecureRandom());  
36.         } catch (NoSuchAlgorithmException e) {  
37.             e.printStackTrace();  
38.         } catch (KeyManagementException e) {  
39.             e.printStackTrace();  
40.         }  
41.         return sslcontext;  
42.     }  
43.   
44.     private SSLContext getSSLContext() {  
45.         if (this.sslcontext == null) {  
46.             this.sslcontext = createSSLContext();  
47.         }  
48.         return this.sslcontext;  
49.     }  
50.   
51.     public Socket createSocket(Socket socket, String host, int port,  
52.             boolean autoClose) throws IOException, UnknownHostException {  
53.         return getSSLContext().getSocketFactory().createSocket(socket, host,  
54.                 port, autoClose);  
55.     }  
56.   
57.     public Socket createSocket(String host, int port) throws IOException,  
58.             UnknownHostException {  
59.         return getSSLContext().getSocketFactory().createSocket(host, port);  
60.     }  
61.   
62.     public Socket createSocket(String host, int port, InetAddress clientHost,  
63.             int clientPort) throws IOException, UnknownHostException {  
64.         return getSSLContext().getSocketFactory().createSocket(host, port,  
65.                 clientHost, clientPort);  
66.     }  
67.   
68.     public Socket createSocket(String host, int port, InetAddress localAddress,  
69.             int localPort, HttpConnectionParams params) throws IOException,  
70.             UnknownHostException, ConnectTimeoutException {  
71.         if (params == null) {  
72.             throw new IllegalArgumentException("Parameters may not be null");  
73.         }  
74.         int timeout = params.getConnectionTimeout();  
75.         SocketFactory socketfactory = getSSLContext().getSocketFactory();  
76.         if (timeout == 0) {  
77.             return socketfactory.createSocket(host, port, localAddress,  
78.                     localPort);  
79.         } else {  
80.             Socket socket = socketfactory.createSocket();  
81.             SocketAddress localaddr = new InetSocketAddress(localAddress,  
82.                     localPort);  
83.             SocketAddress remoteaddr = new InetSocketAddress(host, port);  
84.             socket.bind(localaddr);  
85.             socket.connect(remoteaddr, timeout);  
86.             return socket;  
87.         }  
88.     }  
89.   
90.     private static class TrustAnyTrustManager implements X509TrustManager {  
91.   
92.         public void checkClientTrusted(X509Certificate[] chain, String authType)  
93.                 throws CertificateException {  
94.         }  
95.   
96.         public void checkServerTrusted(X509Certificate[] chain, String authType)  
97.                 throws CertificateException {  
98.         }  
99.   
100.         public X509Certificate[] getAcceptedIssuers() {  
101.             return new X509Certificate[] {};  
102.         }  
103.     }  
104. }  

 

 

请求类：

 

 

Java代码  

1. /** 
2.  *  
3.  */  
4. package com.nassir.hc3;  
5.   
6. import java.io.IOException;  
7. import java.io.InputStream;  
8.   
9. import org.apache.commons.httpclient.HttpClient;  
10. import org.apache.commons.httpclient.HttpException;  
11. import org.apache.commons.httpclient.HttpMethod;  
12. import org.apache.commons.httpclient.methods.PostMethod;  
13. import org.apache.commons.httpclient.protocol.Protocol;  
14.   
15. /** 
16.  * @author nassir wen 
17.  * @data 2012-3-31 下午05:09:13 
18.  * @version V2.5 
19.  * @Company: MSD. 
20.  * @Copyright Copyright (c) 2012 
21.  */  
22. public class HttpsRequest {  
23.   
24.     /** 
25.      *  
26.      * @param url 
27.      * @return 
28.      */  
29.     public static String post(String url) {  
30.         //增加下面两行代码  
31.         Protocol myhttps = new Protocol("https", new MySSLSocketFactory(), 443);  
32.         Protocol.registerProtocol("https", myhttps);  
33.           
34.         HttpClient client = new HttpClient();  
35.         HttpMethod post = new PostMethod(url);  
36.         try {  
37.             client.executeMethod(post);  
38.             byte[] responseBody = post.getResponseBody();  
39.             String result = new String(responseBody,"GBK");  
40.             return result;  
41.         } catch (HttpException e) {  
42.             e.printStackTrace();  
43.         } catch (IOException e) {  
44.             e.printStackTrace();  
45.         } finally {  
46.             post.releaseConnection();  
47.         }  
48.         return null;  
49.     }  
50. }  

 

 

 

测试：

 

Java代码  

1. public static void main(String[] args) {  
2.         System.out.println(HttpsRequest.post("https://www.alipay.com"));//支付宝做测试  
3.     }  

 

 

解决方案来源：http://hi.baidu.com/69hwj/blog/item/3e9e457bf2f8b1f10bd18766.html

 

附件包含：以上代码以及httpclient3.x与httpclient4.x 事例.