我正在尝试运行一个本地 groovy scipt 进行测试,它在 prod 服务器上运行良好,但在本地我收到 SSL 错误:
Caught: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at java_net_URLConnection$getOutputStream$1.call(Unknown Source)
at url.processRequest(url.groovy:8)
at url$processRequest.callCurrent(Unknown Source)
at url.run(url.groovy:17)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:78)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
... 7 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
... 7 more
def post = new URL("https://abc.deg.com").openConnection();
最佳答案
您可以将连接强制转换为 HttpsUrlConnection 并注入(inject)不验证任何内容的不安全信任管理器。这样,您将删除所有 SSL 验证。我不推荐这样做,因为它不安全,但这是您可以使用的代码段:
不安全信任管理器
import javax.net.ssl.HttpsURLConnection
import javax.net.ssl.SSLContext
import javax.net.ssl.SSLEngine
import javax.net.ssl.SSLSocketFactory
import javax.net.ssl.TrustManager
import javax.net.ssl.X509ExtendedTrustManager
import java.security.cert.CertificateException
import java.security.cert.X509Certificate
class UnsafeTrustManager extends X509ExtendedTrustManager {
@Override
void checkClientTrusted(X509Certificate[] x509Certificates, String s, Socket socket) throws CertificateException {}
@Override
void checkServerTrusted(X509Certificate[] x509Certificates, String s, Socket socket) throws CertificateException {}
@Override
void checkClientTrusted(X509Certificate[] x509Certificates, String s, SSLEngine sslEngine) throws CertificateException {}
@Override
void checkServerTrusted(X509Certificate[] x509Certificates, String s, SSLEngine sslEngine) throws CertificateException {}
@Override
void checkClientTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {}
@Override
void checkServerTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {}
@Override
X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0]
}
}
def sslContext = SSLContext.getInstance("TLS")
sslContext.init(null, new TrustManager[]{new UnsafeTrustManager()}, null)
def sslSocketFactory = sslContext.getSocketFactory()
def post = (HttpsURLConnection) new URL("https://abc.deg.com").openConnection()
post.setSSLSocketFactory(sslSocketFactory)
关于java - 如何在运行 groovy 脚本 URL 时禁用 SSL 验证?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/68167184/