现在请帮助, 我想通过 SOAP 调用 api 并使用 httpclient 4.5.5
我的代码
static String callApi(String url, String requestXml)
{
String responseXml = "";
CloseableHttpClient httpClient = null;
HttpPost httpPost;
try
{
httpClient = HttpClients.createDefault();
httpPost = new HttpPost(url);
httpPost.setHeader("Content-Type", "text/xml; charset=utf-8");
httpPost.setHeader("x-ibm-client-id", Config.csp.validKey);
StringEntity entiry = new StringEntity(requestXml, "UTF-8");
httpPost.setEntity(entiry);
HttpResponse response = httpClient.execute(httpPost);
HttpEntity entity = response.getEntity();
responseXml = EntityUtils.toString(entity, "UTF-8");
}
catch (Exception ex)
{
log.error("", ex);
}
finally
{
try
{
if (httpClient != null)
httpClient.close();
}
catch (Exception ex)
{
log.error("", ex);
}
}
return responseXml;
}
当我调试然后显示错误
javax.net.ssl.SSLPeerUnverifiedException: Certificate for <10.xx.xx.xx> doesn't match any of the subject alternative names: [*.domain.vn, domain.vn] at org.apache.http.conn.ssl.SSLConnectionSocketFactory.verifyHostname(SSLConnectionSocketFactory.java:467) ~[httpclient-4.5.5.jar:4.5.5] at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:397) ~[httpclient-4.5.5.jar:4.5.5] at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:355) ~[httpclient-4.5.5.jar:4.5.5] at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142) ~[httpclient-4.5.5.jar:4.5.5] at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:373) ~[httpclient-4.5.5.jar:4.5.5] at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:381) ~[httpclient-4.5.5.jar:4.5.5] at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:237) ~[httpclient-4.5.5.jar:4.5.5] at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:185) ~[httpclient-4.5.5.jar:4.5.5] at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89) ~[httpclient-4.5.5.jar:4.5.5] at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:111) ~[httpclient-4.5.5.jar:4.5.5] at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185) ~[httpclient-4.5.5.jar:4.5.5] at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83) ~[httpclient-4.5.5.jar:4.5.5] at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:108) ~[httpclient-4.5.5.jar:4.5.5]
请帮忙。非常感谢
最佳答案
你没有显示你如何调用 callApi()
但我猜你正在使用 10.xx.xx.xx
IP 地址来寻址你的主机而不是其证书中包含的名称之一。
当主机名验证生效时,您不能执行此操作。
您最好更改为通过其证书公用名称或主题备用名称 (SAN) 之一对其进行寻址。但是,如果您不能这样做,并且由于 10.*
IP 地址范围是专用网络,您可以安全地关闭此服务器到服务器调用的主机名验证。
而不是这个...
httpClient = HttpClients.createDefault();
这样做...
httpClient = HttpClients
.custom()
.setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE)
.build();
根据您使用的 Apache HttpClient 版本,语法可能略有不同。
这会禁用安全控制。在您无法控制的网络上调用主机时,请勿这样做。
关于java - 如何调用 SOAP Web 服务使用带有 SSL 的 httpclient,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/50343268/