使用IP调用https的webservice问题
www.acgist.com/article/393.html
使用IP调用https的webservice问题2017年02月08日 错误信息:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 | Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names present
at sun.security.ssl.Alerts.getSSLException(Alerts.java:
192
)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:
1949
)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:
302
)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:
296
)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:
1509
)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:
216
)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:
979
)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:
914
)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:
1062
)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:
1375
)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:
1403
)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:
1387
)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:
559
)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:
185
)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream0(HttpURLConnection.java:
1283
)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:
1258
)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:
250
)
at com.sun.xml.internal.ws.transport.http.client.HttpClientTransport.getOutput(HttpClientTransport.java:
104
)
...
39
more Caused by: java.security.cert.CertificateException: No subject alternative names present
at sun.security.util.HostnameChecker.matchIP(HostnameChecker.java:
144
)
at sun.security.util.HostnameChecker.match(HostnameChecker.java:
93
)
at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:
455
)
at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:
436
)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:
200
)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:
124
)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:
1491
)
...
52
more |
1 2 3 4 5 | javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names matching IP address xxx.xxx.xxx.xxx found
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:
174
)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:
1747
)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:
241
)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:
235
) |
1.使用域名访问
2.忽略SSL证书,代码如下:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 | package
com.sojson.www.zhanzhang.utils;
import
java.security.cert.CertificateException;
import
java.security.cert.X509Certificate;
import
javax.net.ssl.HostnameVerifier;
import
javax.net.ssl.HttpsURLConnection;
import
javax.net.ssl.SSLContext;
import
javax.net.ssl.SSLSession;
import
javax.net.ssl.TrustManager;
import
javax.net.ssl.X509TrustManager;
public
class
SslUtils {
private
static
void
trustAllHttpsCertificates()
throws
Exception {
TrustManager[] trustAllCerts =
new
TrustManager[
1
];
TrustManager tm =
new
miTM();
trustAllCerts[
0
] = tm;
SSLContext sc = SSLContext.getInstance(
"SSL"
);
sc.init(
null
, trustAllCerts,
null
);
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
}
static
class
miTM
implements
TrustManager,X509TrustManager {
public
X509Certificate[] getAcceptedIssuers() {
return
null
;
}
public
boolean
isServerTrusted(X509Certificate[] certs) {
return
true
;
}
public
boolean
isClientTrusted(X509Certificate[] certs) {
return
true
;
}
public
void
checkServerTrusted(X509Certificate[] certs, String authType)
throws
CertificateException {
return
;
}
public
void
checkClientTrusted(X509Certificate[] certs, String authType)
throws
CertificateException {
return
;
}
}
/**
* 忽略HTTPS请求的SSL证书,必须在openConnection之前调用
* @throws Exception
*/
public
static
void
ignoreSsl()
throws
Exception{
HostnameVerifier hv =
new
HostnameVerifier() {
public
boolean
verify(String urlHostName, SSLSession session) {
return
true
;
}
};
trustAllHttpsCertificates();
HttpsURLConnection.setDefaultHostnameVerifier(hv);
} } |
推荐阅读
- 由浅入深理解AOP
- 【译】20个更有效地使用谷歌搜索的技巧
- mybatisplus如何在xml的连表查询中使用queryWrapper
- MybatisPlus|MybatisPlus LambdaQueryWrapper使用int默认值的坑及解决
- MybatisPlus使用queryWrapper如何实现复杂查询
- 画解算法(1.|画解算法:1. 两数之和)
- SpringBoot调用公共模块的自定义注解失效的解决
- iOS中的Block
- Linux下面如何查看tomcat已经使用多少线程
- thinkphp|thinkphp 3.2 如何调用第三方类库