banner
RustyNail

RustyNail

coder. 【blog】https://rustynail.me 【nostr】wss://ts.relays.world/ wss://relays.world/nostr
主页归档

【CrudBoy的奇妙历险】HttpClient SSL 报错

34
AI 生成的摘要
在获取数据时,因为URL的SSL证书问题导致报错,可以通过实现TrustManager来解决,设置默认的client并设置默认的主机名验证为true。
bash
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names matching IP address 10.196.85.91 found
        at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
        at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1946)
        at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:316)
        at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:310)
        at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1639)
        at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:223)
        at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1037)
        at sun.security.ssl.Handshaker.process_record(Handshaker.java:965)
        at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1064)
        at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1367)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1395)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1379)
        at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
        at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
        at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.j

在 new Url (url) 获取数据时,因为 url 的 ssl 证书问题(过期之类的),报错;

先实现个TrustManager

static class miTM implements javax.net.ssl.TrustManager, javax.net.ssl.X509TrustManager {
			public java.security.cert.X509Certificate[] getAcceptedIssuers() {
				return null;
			}

			public boolean isServerTrusted(java.security.cert.X509Certificate[] certs) {
				return true;
			}

			public boolean isClientTrusted(java.security.cert.X509Certificate[] certs) {
				return true;
			}

			public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType)
					throws java.security.cert.CertificateException {
				return;
			}

			public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType)
					throws java.security.cert.CertificateException {
				return;
			}
		}

设置一下默认的 client, setDefaultHostnameVerifier 默认true就完事了

javax.net.ssl.TrustManager[] trustAllCerts = new javax.net.ssl.TrustManager[] {new miTM()};
							javax.net.ssl.SSLContext sc = javax.net.ssl.SSLContext.getInstance("SSL");
							sc.init(null, trustAllCerts, null);
							javax.net.ssl.HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
							// 过验证
							javax.net.ssl.HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
								@Override
								public boolean verify(String hostname, SSLSession session) {
									return true;
								}
							});
加载中...
此文章数据所有权由区块链加密技术和智能合约保障仅归创作者所有。