在开发项目中需要调用第三方接口,本地测试没问题,部署到公司服务器就出现安全证书问题,具体报错:javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: validity check failed
自己在网上查了一些资料,找到相关解决代码:
import org.springframework.stereotype.Controller; import javax.net.ssl.*; import java.io.*; import java.net.HttpURLConnection; import java.net.MalformedURLException; import java.net.URL; import java.security.cert.CertificateException; import java.security.cert.X509Certificate; /** * http请求安全证书 * * @author xm * @date 2018-4-11 11:03:39 */ @Controller public class SslTrustManager { private String message=null; private static class TrustAnyTrustManager implements X509TrustManager { public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { } public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { } public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[]{}; } } private static class TrustAnyHostnameVerifier implements HostnameVerifier { public boolean verify(String hostname, SSLSession session) { return true; } } //绕过安全认证方法1 public static String test(String url) throws Exception { URL console = new URL(url); HttpURLConnection conn = (HttpURLConnection) console.openConnection(); if (conn instanceof HttpsURLConnection) { SSLContext sc = SSLContext.getInstance("SSL"); sc.init(null, new TrustManager[]{new TrustAnyTrustManager()}, new java.security.SecureRandom()); ((HttpsURLConnection) conn).setSSLSocketFactory(sc.getSocketFactory()); ((HttpsURLConnection) conn).setHostnameVerifier(new TrustAnyHostnameVerifier()); } conn.setRequestMethod("POST"); conn.setDoOutput(true);// 设置允许输出 conn.connect(); String aReturn = getReturn(conn); System.out.println("请求执行了"+aReturn); return aReturn; } /*请求url获取返回的内容*/ public static String getReturn(HttpURLConnection connection) throws IOException { StringBuffer buffer = new StringBuffer(); //将返回的输入流转换成字符串 try (InputStream inputStream = connection.getInputStream(); InputStreamReader inputStreamReader = new InputStreamReader(inputStream); BufferedReader bufferedReader = new BufferedReader(inputStreamReader);) { String str = null; while ((str = bufferedReader.readLine()) != null) { buffer.append(str); } String result = buffer.toString(); return result; } } //绕过安全认证方法2 public String httpsPostData( String urlPath, String content){ URL url; try { url = new URL(urlPath); HttpsURLConnection conn = (HttpsURLConnection) url.openConnection(); conn.setDoOutput(true);// 设置允许输出 conn.setRequestMethod("POST"); conn.setRequestProperty("User-Agent", "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.2; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"); conn.setRequestProperty("Charset", "UTF-8"); conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded"); OutputStream os = conn.getOutputStream(); os.write(content.getBytes()); os.close(); /* 服务器返回的响应码 */ int code = conn.getResponseCode(); //Log.i("https","code="+code); if (code == 200) { BufferedReader in = new BufferedReader( new InputStreamReader(conn.getInputStream(), "UTF-8")); String retData = null; String responseData = ""; while ((retData = in.readLine()) != null) { responseData += retData; } in.close(); System.out.println("返回的数据:"+responseData); message=responseData; return responseData.toString(); } else { // Log.i("https","return error"); } } catch (MalformedURLException e) { e.printStackTrace(); } catch (IOException e) { e.printStackTrace(); } catch (Exception e) { e.printStackTrace(); } return null; } }还有一种情况,如果是HTTP链接,本地测试没问题,放在服务器报安全证书过期错误,有可能是服务器系统IP未进行安全认证,换一个有安全认证的服务器部署就没问题了,我就遇到了这个问题,在本机测试没问题,在公司服务器出现安全证书问题,但是在华为服务器又好着呢,所以可以试一试.