java.security.cert.CertificateException: No name matching api.weibo.com found;取消验证
来源:互联网 发布:php修复00截断的版本 编辑:程序博客网 时间:2024/06/05 07:35
1、报错信息
java.security.cert.CertificateException: No name matching api.weibo.com found; nested exception is javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No name matching api.weibo.com found
原因:在调用api.weibo.com的时候,我们使用的是https的方式,正常情况下应该是使用api.weibo.com的证书,但由于某些原因,我们只能使用自己的证书,导致在验证证书的时候,就报了这个错误。
解决的办法:忽略服务端和客户端的证书校验即可。java 提供的相关的类。
2、具体实现方式
通过重写TrustManager的checkClientTrusted(检查客户端证书信任)和checkServerTrusted(检查服务端证书验证)。
以及HostnameVerifier的verify(校验)方法即可取消对证书的所有验证。
复制代码
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import javax.net.ssl.*;
import java.io.IOException;
import java.net.URL;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
public final class DisableSSLCertificateCheckUtil {
private static final Logger LOGGER = LoggerFactory.getLogger(DisableSSLCertificateCheckUtil.class);
/**
* Prevent instantiation of utility class.
*/
private DisableSSLCertificateCheckUtil() {
}
/**
* Disable trust checks for SSL connections.
*/
public static void disableChecks() {
try {
new URL("https://0.0.0.0/").getContent();
} catch (IOException e) {
// This invocation will always fail, but it will register the
// default SSL provider to the URL class.
}
try {
SSLContext sslc;
sslc = SSLContext.getInstance("TLS");
TrustManager[] trustManagerArray = {new X509TrustManager() {
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
}};
sslc.init(null, trustManagerArray, null);
HttpsURLConnection.setDefaultSSLSocketFactory(sslc.getSocketFactory());
HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String s, SSLSession sslSession) {
return true;
}
});
} catch (Exception e) {
LOGGER.error("error msg:{}", e);
throw new IllegalArgumentException("证书校验异常!");
}
}
}
复制代码
调用方式:
DisableSSLCertificateCheckUtil.disableChecks();
影响的范围:将会影响整个tomcat里面对证书的验证。即通过tomcat里面的其他项目虽然没有执行这一段代码但是也同样会忽略证书的验证。
影响的时间:执行这段代码之后的所有时间都生效。
java.security.cert.CertificateException: No name matching api.weibo.com found; nested exception is javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No name matching api.weibo.com found
原因:在调用api.weibo.com的时候,我们使用的是https的方式,正常情况下应该是使用api.weibo.com的证书,但由于某些原因,我们只能使用自己的证书,导致在验证证书的时候,就报了这个错误。
解决的办法:忽略服务端和客户端的证书校验即可。java 提供的相关的类。
2、具体实现方式
通过重写TrustManager的checkClientTrusted(检查客户端证书信任)和checkServerTrusted(检查服务端证书验证)。
以及HostnameVerifier的verify(校验)方法即可取消对证书的所有验证。
复制代码
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import javax.net.ssl.*;
import java.io.IOException;
import java.net.URL;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
public final class DisableSSLCertificateCheckUtil {
private static final Logger LOGGER = LoggerFactory.getLogger(DisableSSLCertificateCheckUtil.class);
/**
* Prevent instantiation of utility class.
*/
private DisableSSLCertificateCheckUtil() {
}
/**
* Disable trust checks for SSL connections.
*/
public static void disableChecks() {
try {
new URL("https://0.0.0.0/").getContent();
} catch (IOException e) {
// This invocation will always fail, but it will register the
// default SSL provider to the URL class.
}
try {
SSLContext sslc;
sslc = SSLContext.getInstance("TLS");
TrustManager[] trustManagerArray = {new X509TrustManager() {
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
}};
sslc.init(null, trustManagerArray, null);
HttpsURLConnection.setDefaultSSLSocketFactory(sslc.getSocketFactory());
HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String s, SSLSession sslSession) {
return true;
}
});
} catch (Exception e) {
LOGGER.error("error msg:{}", e);
throw new IllegalArgumentException("证书校验异常!");
}
}
}
复制代码
调用方式:
DisableSSLCertificateCheckUtil.disableChecks();
影响的范围:将会影响整个tomcat里面对证书的验证。即通过tomcat里面的其他项目虽然没有执行这一段代码但是也同样会忽略证书的验证。
影响的时间:执行这段代码之后的所有时间都生效。
致谢:感谢您的耐心阅读!
原文出处:点击打开链接
阅读全文
0 0
- java.security.cert.CertificateException: No name matching api.weibo.com found;取消验证
- Java.Security.Cert.CertificateException: No Name Matching Localhost Found
- java.security.cert.CertificateException: No name matching cas.gogoyuan.cn found
- java.security.cert.CertificateException: No name matching https证书验证不通过
- CAS部署错误3:java.security.cert.CertificateException: No name match
- package com.w3ang.learning.https; import java.security.cert.CertificateException; import java.secur
- Caused by: java.security.cert.CertificateException: No subject alternative names present
- Android 问题解决:Caused by: java.security.cert.CertificateException
- java.security.cert.CertificateException: Selenium 自动化的时候调用API 执行操作引起的关于https的问题
- 导入申请的证书时发生java.security.cert.CertificateException: java.io.EOFException异常
- java.security.cert.CertificateException: Certificates does not conform to algorithm constraints
- java.security.cert.CertificateException: Issuer class type invalid or Subject class type in valid
- 解決 java.security.cert.CertificateException: Certificates does not conform to algorithm constraints
- No Name Matching Localhost Found Error : Tomcat and CAS Configuration
- java.lang.Exception: No tests found matching Method test5(com.crosudd.test.TestMybatis) from org.jun
- java.lang.Exception: No tests found matching
- java.lang.Exception: No tests found matching
- java.lang.Exception: No tests found matching
- 最大子矩阵问题----悬线法
- Git@OSC实现从本地添加项目到远程仓库
- 【VC】中自定义消息实现
- Java反射机制知识总结
- 算法题目---圆圈中最后剩下的数字
- java.security.cert.CertificateException: No name matching api.weibo.com found;取消验证
- Git学习笔记
- Linux 的启动流程
- HDU 6097 Mindis
- Linux下ffmpeg交叉编译
- 成为Java顶尖程序员 ,看这11本书就够了
- 2017 Android GitHub常用热门开源框架汇总
- 统计自然语言处理1-----绪论(二)
- SpringBoot入门(三)Controller的使用