java - 使用 java 使用 REST API - SSLHandshakeException

标签 java security ssl https

我正在尝试使用 Java 使用 REST API。但是,当我运行代码时,它向我显示了这个异常。 我不明白这是什么意思,我尝试搜索解决方案,但我无法得到它:(

这是连接代码:

import javax.ws.rs.core.MediaType;
import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.net.HttpURLConnection;
import java.net.URL;
import javax.ws.rs.client.Client;
import javax.ws.rs.client.ClientBuilder;
import javax.ws.rs.client.Invocation;
import javax.ws.rs.client.WebTarget;
import org.glassfish.jersey.client.ClientConfig;
import org.glassfish.jersey.client.authentication.HttpAuthenticationFeature;

public class connectToAPI {
         public static void main(String[] args) {

try{
URL url = new URL("https://ip:port/rest/path");
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
String userpassword = "user:pass";
conn.setUseCaches(false);
conn.setDoInput(true);
conn.setDoOutput(true);
conn.setRequestMethod("POST");
conn.setRequestProperty("Authorization","Basic "+
              userpassword);
conn.setRequestProperty("Content-Type","application/json");
OutputStreamWriter wr = new OutputStreamWriter(conn.getOutputStream());
wr.flush();
int status = 0;
if( null != conn ){
status = conn.getResponseCode();
}

if( status != 0){
       System.out.println("status!=0");
if( status == 200 ){

       System.out.println("status==200");
//SUCCESS message
BufferedReader reader = new BufferedReader(new InputStreamReader(conn.getInputStream()));



}else if(status == 401){

       System.out.println("status==401");



}else if(status == 501){

       System.out.println("status==501");



}else if( status == 503){

       System.out.println("status==503");



}





}



} catch (Exception e) {

e.printStackTrace();

}

}
              }

当我运行代码时,它显示了这个异常:

javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names matching IP address ip found

   at sun.security.ssl.Alerts.getSSLException(Unknown Source)

   at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)

   at sun.security.ssl.Handshaker.fatalSE(Unknown Source)

   at sun.security.ssl.Handshaker.fatalSE(Unknown Source)

   at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)

   at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)

   at sun.security.ssl.Handshaker.processLoop(Unknown Source)

   at sun.security.ssl.Handshaker.process_record(Unknown Source)

   at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)

   at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)

   at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)

   at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)

   at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)

   at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)

   at sun.net.www.protocol.http.HttpURLConnection.getOutputStream0(Unknown Source)

   at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(Unknown Source)

   at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(Unknown Source)

   at alert.connectToBAM.main(connectToBAM.java:77)

Caused by: java.security.cert.CertificateException: No subject alternative names matching IP address ip found

   at sun.security.util.HostnameChecker.matchIP(Unknown Source)

   at sun.security.util.HostnameChecker.match(Unknown Source)

   at sun.security.ssl.X509TrustManagerImpl.checkIdentity(Unknown Source)

   at sun.security.ssl.X509TrustManagerImpl.checkIdentity(Unknown Source)

   at sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source)

   at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)

   ... 14 more

我也试过 jersey clinet:

javax.ws.rs.client.Client client = ClientBuilder.newClient();

                           WebTarget target = client.target("https://ip:port/rest/path");

                           System.out.println(

                                         target.request(MediaType.APPLICATION_JSON).get(String.class));

它显示了这个错误:

Exception in thread "main" javax.ws.rs.ProcessingException: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names matching IP address ip found

   at org.glassfish.jersey.client.internal.HttpUrlConnector.apply(HttpUrlConnector.java:284)

   at org.glassfish.jersey.client.ClientRuntime.invoke(ClientRuntime.java:278)

   at org.glassfish.jersey.client.JerseyInvocation.lambda$invoke$1(JerseyInvocation.java:767)

   at org.glassfish.jersey.internal.Errors.process(Errors.java:316)

   at org.glassfish.jersey.internal.Errors.process(Errors.java:298)

   at org.glassfish.jersey.internal.Errors.process(Errors.java:229)

   at org.glassfish.jersey.process.internal.RequestScope.runInScope(RequestScope.java:414)

   at org.glassfish.jersey.client.JerseyInvocation.invoke(JerseyInvocation.java:765)

   at org.glassfish.jersey.client.JerseyInvocation$Builder.method(JerseyInvocation.java:428)

   at org.glassfish.jersey.client.JerseyInvocation$Builder.get(JerseyInvocation.java:324)

   at alert.connectToBAM.main(connectToBAM.java:47)

有什么想法吗?拜托,这是我的毕业设计:(

最佳答案 

javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException

一般此类异常是由于证书的证书验证问题引起的,请按照以下步骤操作: 1.从浏览器下载证书,添加到jre文件夹下的cacerts文件中 2. 我们需要添加一些 java 代码来使用 TrustManager 验证证书。 代码如下:

public static void trustManager()
{
    try 
    {

        TrustManager[] trustAllCerts = new TrustManager[]
                {
                        new X509TrustManager()
                        {
                            @Override
                            public void checkClientTrusted(X509Certificate[] chain, String authType)
                                    throws CertificateException {
                                // TODO Auto-generated method stub
                            }
                            @Override
                            public void checkServerTrusted(X509Certificate[] chain, String authType)
                                    throws CertificateException {
                                // TODO Auto-generated method stub
                            }
                            @Override
                            public X509Certificate[] getAcceptedIssuers() {
                                // TODO Auto-generated method stub
                                return null;
                            }

                        }
                };

        //Create an Instance for SSLContext class
        SSLContext sc = SSLContext.getInstance("SSL");

        //overload init method 
        sc.init(null, trustAllCerts, new java.security.SecureRandom());

        //Use static method setDefaultSSLSocketFactory
        HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());

        //Create Instance for Hostname verifier and override verify() method
        HostnameVerifier allHostsValid = new HostnameVerifier() {

            @Override
            public boolean verify(String arg0, SSLSession arg1) 
            {
                return true;
            }

        };

        //Verify hostname using static method setDefaultHostnameVerifier
        HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid);
    }
    catch(Exception e)
    {
        e.printStackTrace();
    }
}

每当您尝试执行时,只需首先在 main 方法中调用此方法。希望这会对你有所帮助:)

关于java - 使用 java 使用 REST API - SSLHandshakeException,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/49384569/

上一篇:java - 在 Karaf 中使用 ssl 连接到数据源,得到 java.lang.NoClassDefFoundError : javax/net/ssl/TrustManager

下一篇:android - Spring Boot 同时处理 http 和 HTTPS 请求

相关文章:

Java ArrayList 类型问题

java - Java 中的断言不安全吗?

java - 如何使用权限保护rest api

security - 使用 SecAsn1Decode 解析 DER 格式数据

c# - 如何在自签名 https Web 服务器 C# 中添加 IP 地址而不是本地主机

java - 优雅地结束基于控制台的多线程程序

java - sleep 的目的可能是为了查看线程是否被中断?

java - 相互 SSL : unsupported_certificate and client certificate format

apache - 如何使用反向代理确保与外部服务器的安全连接?

java - 我们可以在 servlet 中创建一个非参数化构造函数吗?

©2024 IT工具网  联系我们