java.security.cert.CertificateException: No name matching https证书验证不通过
来源:互联网 发布:农村淘宝报名条件 编辑:程序博客网 时间:2024/05/21 18:35
1、报错信息
1
java.security.cert.CertificateException: No name matching api.weibo.com found; nested exception is javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No name matching api.weibo.com found
原因:在调用api.weibo.com的时候,我们使用的是https的方式,正常情况下应该是使用api.weibo.com的证书,但由于某些原因,我们只能使用自己的证书,导致在验证证书的时候,就报了这个错误。
解决的办法:忽略服务端和客户端的证书校验即可。java 提供的相关的类。
2、具体实现方式
通过重写TrustManager的checkClientTrusted(检查客户端证书信任)和checkServerTrusted(检查服务端证书验证)。
以及HostnameVerifier的verify(校验)方法即可取消对证书的所有验证。
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
import
org.slf4j.Logger;
import
org.slf4j.LoggerFactory;
import
javax.net.ssl.*;
import
java.io.IOException;
import
java.net.URL;
import
java.security.cert.CertificateException;
import
java.security.cert.X509Certificate;
public
final
class
DisableSSLCertificateCheckUtil {
private
static
final
Logger LOGGER = LoggerFactory.getLogger(DisableSSLCertificateCheckUtil.
class
);
/**
* Prevent instantiation of utility class.
*/
private
DisableSSLCertificateCheckUtil() {
}
/**
* Disable trust checks for SSL connections.
*/
public
static
void
disableChecks() {
try
{
new
URL(
"https://0.0.0.0/"
).getContent();
}
catch
(IOException e) {
// This invocation will always fail, but it will register the
// default SSL provider to the URL class.
}
try
{
SSLContext sslc;
sslc = SSLContext.getInstance(
"TLS"
);
TrustManager[] trustManagerArray = {
new
X509TrustManager() {
@Override
public
void
checkClientTrusted(X509Certificate[] chain, String authType)
throws
CertificateException {
}
@Override
public
void
checkServerTrusted(X509Certificate[] chain, String authType)
throws
CertificateException {
}
@Override
public
X509Certificate[] getAcceptedIssuers() {
return
new
X509Certificate[
0
];
}
}};
sslc.init(
null
, trustManagerArray,
null
);
HttpsURLConnection.setDefaultSSLSocketFactory(sslc.getSocketFactory());
HttpsURLConnection.setDefaultHostnameVerifier(
new
HostnameVerifier() {
@Override
public
boolean
verify(String s, SSLSession sslSession) {
return
true
;
}
});
}
catch
(Exception e) {
LOGGER.error(
"error msg:{}"
, e);
throw
new
IllegalArgumentException(
"证书校验异常!"
);
}
}
}
调用方式:
1
DisableSSLCertificateCheckUtil.disableChecks();
影响的范围:将会影响整个tomcat里面对证书的验证。即通过tomcat里面的其他项目虽然没有执行这一段代码但是也同样会忽略证书的验证。
影响的时间:执行这段代码之后的所有时间都生效。
原文地址:http://www.importnew.com/24192.html
阅读全文
0 0
- java.security.cert.CertificateException: No name matching https证书验证不通过
- Java.Security.Cert.CertificateException: No Name Matching Localhost Found
- java.security.cert.CertificateException: No name matching api.weibo.com found;取消验证
- java.security.cert.CertificateException: No name matching cas.gogoyuan.cn found
- CAS部署错误3:java.security.cert.CertificateException: No name match
- 导入申请的证书时发生java.security.cert.CertificateException: java.io.EOFException异常
- package com.w3ang.learning.https; import java.security.cert.CertificateException; import java.secur
- Caused by: java.security.cert.CertificateException: No subject alternative names present
- Android 问题解决:Caused by: java.security.cert.CertificateException
- java.security.cert.CertificateException: Selenium 自动化的时候调用API 执行操作引起的关于https的问题
- java.security.cert.CertificateException: Certificates does not conform to algorithm constraints
- java.security.cert.CertificateException: Issuer class type invalid or Subject class type in valid
- 解決 java.security.cert.CertificateException: Certificates does not conform to algorithm constraints
- AFNetworking允许不通过证书验证访问https(AFNetworking+SSL)
- No Matching Security Types
- WAS导入证书--错误提示:java.security.cert.CertPathValidatorException: Certificate chaining error
- android ksoap2 访问https javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorExce
- Https报错java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
- linux下tomcat配置自定义jdk
- ERROR 1205 : Lock wait timeout exceeded; try restarting transaction
- strace 跟踪进程中的系统调用
- Spring boot入门五 spring mvc spring boot mybatis配置整合
- TCP和UDP的最完整的区别
- java.security.cert.CertificateException: No name matching https证书验证不通过
- 拨开字符编码的迷雾
- 树莓派 Raspberry Pi 更换国内源
- ARCore
- 获取当前手机单个app内存限制
- Unity_AnimatorLayers动画分层_068
- display:inline-block配合text-align:justify实现块级元素均匀布局
- 学以致用,字符串方法,前面学的要记住
- 紫书第三章-----数组和字符串