java - apache httpclient 4.4 的 HTTPs 连接

标签 java apache apache-httpclient-4.x

我对 httpclient 还很陌生,但我想做的是从本地 https 服务器获取和发布内容。当我使用浏览器访问这个url时,我需要手动接受并继续。我几乎用这个sample code由 Apache 提供。我的编辑器也是如此

public class ClientCustomSSL {

   public final static void main(String[] args) throws Exception {
      // Trust own CA and all self-signed certs
      final SSLContext sslcontext = SSLContext.getDefault();
      // Allow TLSv1 protocol only
      final SSLConnectionSocketFactory sslsf =
            new SSLConnectionSocketFactory(sslcontext,
                  new String[] { "TLSv1" }, null,
                  SSLConnectionSocketFactory.getDefaultHostnameVerifier());
      final CloseableHttpClient httpclient =
            HttpClients.custom().setSSLSocketFactory(sslsf).build();
      try {

         final HttpGet httpget =
               new HttpGet("https://localhost:8443/portal/css/style.css");

         System.out.println("executing request " + httpget.getRequestLine());

         final CloseableHttpResponse response = httpclient.execute(httpget);
         try {
            final HttpEntity entity = response.getEntity();

            System.out.println("----------------------------------------");
            System.out.println(response.getStatusLine());
            EntityUtils.consume(entity);
         } finally {
            response.close();
         }
      } finally {
         httpclient.close();
      }
   }

}

但是,我遇到了以下异常...

Exception in thread "main" javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
   at sun.security.ssl.Alerts.getSSLException(Unknown Source)
   at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
   at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
   at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
   at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)
   at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
   at sun.security.ssl.Handshaker.processLoop(Unknown Source)
   at sun.security.ssl.Handshaker.process_record(Unknown Source)
   at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
   at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
   at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
   at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
   at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:395)
   at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:354)
   at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:134)
   at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:353)
   at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:380)
   at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)
   at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:184)
   at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:88)
   at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
   at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:184)
   at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
   at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:107)
   at com.vmware.vdi.installer.broker.ClientCustomSSL.main(ClientCustomSSL.java:67)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
   at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
   at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
   at sun.security.validator.Validator.validate(Unknown Source)
   at sun.security.ssl.X509TrustManagerImpl.validate(Unknown Source)
   at sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source)
   at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
   ... 21 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
   at sun.security.provider.certpath.SunCertPathBuilder.build(Unknown Source)
   at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
   at java.security.cert.CertPathBuilder.build(Unknown Source)
   ... 27 more

不知道我需要做什么......

最佳答案

this page关于这个问题有一个解决方案。

解决方案之一是更新 JRE_HOME/lib 目录中的 CACERT 文件。为此,您可以查看 here .

另一个解决方案是覆盖检查并接受不受信任的证书。

TrustManager[] trustAllCerts = new TrustManager[] {
       new X509TrustManager() {
          public java.security.cert.X509Certificate[] getAcceptedIssuers() {
            return null;
          }

          public void checkClientTrusted(X509Certificate[] certs, String authType) {  }

          public void checkServerTrusted(X509Certificate[] certs, String authType) {  }

       }
    };

关于java - apache httpclient 4.4 的 HTTPs 连接,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/28537184/

上一篇:java - QueryDSL DateTime 字段格式化投影

下一篇:java - 为什么java中的Stack类不会在 'add'方法上抛出UnsupportedOperationException?

相关文章:

android - 发送 HttpPost 请求时出现 SocketTimeOutException

java - 无法在 Java/Apache HttpClient 中处理带有垂直/竖线的 url

php - Android - 上传图片时设置内容类型时出错

java - 如何正确使用TableCellRenderer对单元格进行颜色匹配

Java 相当于 Visual Basic 选项卡功能

Java Apache FileUtils readFileToString 和 writeStringToFile 问题

apache - 搞乱配置文件后将 www 重定向到 https

apache - 一个站点的多个域 : alias or redirect?

java - 如何使用 Netbeans 和 Glassfish 分析企业应用程序?

java - Vaadin Textarea 自动高度

©2024 IT工具网  联系我们