溫馨提示×

溫馨提示×

您好,登錄后才能下訂單哦!

密碼登錄×
登錄注冊×
其他方式登錄
點擊 登錄注冊 即表示同意《億速云用戶服務(wù)條款》

使用httpClient連接https時使用服務(wù)端證書(self-signed certificate)的方法

發(fā)布時間:2020-08-03 19:57:39 來源:網(wǎng)絡(luò) 閱讀:1727 作者:xiefeifeihu 欄目:安全技術(shù)

外出旅行、冬季保暖得常備戶外襪、速干襪、加厚襪子哦。

猛戳樂途驛站http://zhoupa1188.taobao.com搶購品牌男女式加厚戶外襪子,coolmax、全棉、保暖、吸汗、速干、登山、徒步襪子。滿10包郵

 

使用httpClient連接https時一般要在客戶端引入證書。引入方法有三種:

1、在jdk中導(dǎo)入證書;

2、將證書路徑設(shè)置到環(huán)境變量中:

System.setProperty("javax.net.ssl.trustStore", keyStore_path)
System.setProperty("javax.net.ssl.trustStorePassword", keyStore_password)

3、啟動java進(jìn)程時將證書路徑加入到啟動參數(shù)中。

有時訪問https網(wǎng)站時是不需要證書的。有時使用客戶端證書不一定成功, 拋各種各樣與證書相關(guān)的錯誤。這時可以使用服務(wù)端證書(self-signed certificate)。方法很簡單,只需在httpClient調(diào)用之前先注銷默認(rèn)的Socket Factory,使用自定義的Socket Factory:


        org.apache.commons.httpclient.protocol.Protocol.unregisterProtocol("https");
        org.apache.commons.httpclient.protocol.Protocol.registerProtocol("https", new Protocol("https", (ProtocolSocketFactory) new org.apache.commons.httpclient.contrib.ssl.EasySSLProtocolSocketFactory(), 13087));
        
 org.apache.commons.httpclient.protocol.Protocol.unregisterProtocol("https"); org.apache.commons.httpclient.protocol.Protocol.registerProtocol("https", new Protocol("https", (ProtocolSocketFactory) new org.apache.commons.httpclient.contrib.ssl.EasySSLProtocolSocketFactory(), 13087));

它需要依賴not-yet-commons-ssl-0.3.9.jar包:

<dependency>
    <groupId>org.apache.commons</groupId>
    <artifactId>not-yet-commons-ssl</artifactId>
    <version>0.3.9</version>
</dependency>

 

我遇到拋的異常為:

org.apache.axis2.AxisFault: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: Path does not chain with any of the trust anchors
at org.apache.axis2.AxisFault.makeFault(AxisFault.java:430)
at org.apache.axis2.transport.http.SOAPMessageFormatter.writeTo(SOAPMessageFormatter.java:83)

Caused by: com.ctc.wstx.exc.WstxIOException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: Path does not chain with any of the trust anchors
at com.ctc.wstx.sw.BaseStreamWriter.flush(BaseStreamWriter.java:313)
at org.apache.axiom.om.impl.MTOMXMLStreamWriter.flush(MTOMXMLStreamWriter.java:146)

Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: Path does not chain with any of the trust anchors
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150)

Caused by: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: Path does not chain with any of the trust anchors
at sun.security.validator.PKIXValidator.doValidate(PKIXValidator.java:187)

Caused by: java.security.cert.CertPathValidatorException: Path does not chain with any of the trust anchors
at sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(PKIXCertPathValidator.java:195)
at java.security.cert.CertPathValidator.validate(CertPathValidator.java:206)
at sun.security.validator.PKIXValidator.doValidate(PKIXValidator.java:182)
… 49 more

 

使用httpClient連接https時使用服務(wù)端證書(self-signed certificate)的方法

向AI問一下細(xì)節(jié)

免責(zé)聲明:本站發(fā)布的內(nèi)容(圖片、視頻和文字)以原創(chuàng)、轉(zhuǎn)載和分享為主,文章觀點不代表本網(wǎng)站立場,如果涉及侵權(quán)請聯(lián)系站長郵箱:is@yisu.com進(jìn)行舉報,并提供相關(guān)證據(jù),一經(jīng)查實,將立刻刪除涉嫌侵權(quán)內(nèi)容。

AI