我有一个 REST API 说 https://testing.com/ap//v1/test/23123 . 这是我的 Java 代码:
URL restServiceURL = new URL(targetURL);
Proxy proxy = new Proxy(Proxy.Type.HTTP, new InetSocketAddress("100.3.4.54", 9128));
HttpURLConnection httpConnection = (HttpURLConnection) restServiceURL.openConnection(proxy);
httpConnection.setRequestMethod("GET");
httpConnection.setRequestProperty("Accept", "application/json");
if (httpConnection.getResponseCode() != 200) {
throw new RuntimeException("HTTP GET Request Failed with Error code : "
+ httpConnection.getResponseCode());
}
BufferedReader responseBuffer = new BufferedReader(new InputStreamReader(
(httpConnection.getInputStream())));
这会抛出一个 java 异常:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: CA key usage check failed: keyCertSign bit is not set
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1591)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:187)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:181)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:975)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:123)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1096)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1123)
有什么方法可以绕过这个 https 验证吗?解决此问题的最佳方法是什么?
最佳答案
服务器证书无效。提供的签名证书不是签名证书,也就是说它没有设置 keyCertSign 位。
关于java - HTTPs HTTPURLConnection 问题,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/29593055/