码迷,mamicode.com
首页 > 编程语言 > 详细

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed

时间:2017-08-04 19:24:35      阅读:196      评论:0      收藏:0      [点我收藏+]

标签:int   turn   hostname   client   使用   sha   let   返回   create   

使用HttpClient4.3 调用https出现如下错误:

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

当使用网上其他的方式的时候,出现错误:javax.net.ssl.SSLException: hostname in certificate didn‘t match: <openapi.ysepay.com> != <default.ssl.cdn.jiasule.com>

原因:这是SSL证书请求问题。

原来的代码:

 1     /**
 2      * 拼接请求参数,发起请求
 3      * @param request
 4      * @param sParaTemp
 5      * @param strMethod
 6      * @param strButtonName
 7      * @return
 8      */
 9     public static String sendRequest(String mch_id,HttpServletRequest request, Map<String, String> paraTemp) {
10         String result = null;// 返回的结果
11         CloseableHttpResponse response = null;
12         CloseableHttpClient client = null;
13         
14         HttpPost httpPost = new HttpPost(SwiftpassConfig.yinsheng_YSEPAY_GATEWAY_URL); //创建HttpPost对象  
15         // 存参列表
16         List <NameValuePair> params = new ArrayList<NameValuePair>();  
17         // 参数不为空
18         if(!paraTemp.isEmpty()) {
19             // 遍历map,保存到List中
20             for (Map.Entry<String, String> entry : paraTemp.entrySet()) {  
21                 params.add(new BasicNameValuePair(entry.getKey(), entry.getValue()));  
22             }
23             try {  
24                 httpPost.setEntity(new UrlEncodedFormEntity(params ,HTTP.UTF_8));
25                 // 创建 CloseableHttpClient 对象
26                 client = HttpClients.createDefault();
27                 response = client.execute(httpPost);
28                 if(response.getStatusLine().getStatusCode() == 200) {  
29                     HttpEntity httpEntity = response.getEntity();  
30                     //取出应答字符串 
31                     result = EntityUtils.toString(httpEntity); 
32                 }  
33             } catch (Exception e) {  
34                 e.printStackTrace();  
35                 result = e.getMessage().toString();  
36             }  
37         }
38         return result;
39     }    

 

修改之后的代码:

    /**
     * buildSSLCloseableHttpClient:(设置允许所有主机名称都可以,忽略主机名称验证)
     * @author xbq
     * @return
     * @throws Exception
     */
    private static CloseableHttpClient buildSSLCloseableHttpClient() throws Exception {
        SSLContext sslContext = new SSLContextBuilder().loadTrustMaterial(null, new TrustStrategy() {
            // 信任所有
            public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                return true;
            }
        }).build();
        // ALLOW_ALL_HOSTNAME_VERIFIER:这个主机名验证器基本上是关闭主机名验证的,实现的是一个空操作,并且不会抛出javax.net.ssl.SSLException异常。
        SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext, new String[] { "TLSv1" }, null,
                SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
        return HttpClients.custom().setSSLSocketFactory(sslsf).build();
    }
    
        /**
     * 拼接请求参数,发起请求
     * @param request
     * @param sParaTemp
     * @param strMethod
     * @param strButtonName
     * @return
     */
    public static String sendRequest(String mch_id,HttpServletRequest request, Map<String, String> paraTemp) {
        String result = null;// 返回的结果
        CloseableHttpResponse response = null;
        CloseableHttpClient client = null;
        
        HttpPost httpPost = new HttpPost(SwiftpassConfig.yinsheng_YSEPAY_GATEWAY_URL); //创建HttpPost对象  
        // 存参列表
        List <NameValuePair> params = new ArrayList<NameValuePair>();  
        // 参数不为空
        if(!paraTemp.isEmpty()) {
            // 遍历map,保存到List中
            for (Map.Entry<String, String> entry : paraTemp.entrySet()) {  
                params.add(new BasicNameValuePair(entry.getKey(), entry.getValue()));  
            }
            try {  
                httpPost.setEntity(new UrlEncodedFormEntity(params ,HTTP.UTF_8));
                // 调用方法,创建 CloseableHttpClient 对象
                client = buildSSLCloseableHttpClient();
                response = client.execute(httpPost);
                if(response.getStatusLine().getStatusCode() == 200) {  
                    HttpEntity httpEntity = response.getEntity();  
                    //取出应答字符串 
                    result = EntityUtils.toString(httpEntity); 
                }  
            } catch (Exception e) {  
                e.printStackTrace();  
                result = e.getMessage().toString();  
            }  
        }
        return result;
    }    

 

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed

标签:int   turn   hostname   client   使用   sha   let   返回   create   

原文地址:http://www.cnblogs.com/xbq8080/p/7286526.html

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!