Java HTTPS 主机名错误:应该是 <sub.domain.com>。这是什么原因造成的?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/1802051/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
HTTPS hostname wrong: should be <sub.domain.com>. What causes this?
提问by paul
I am getting this 'HTTPS hostname wrong:' error when trying to connect to a server using https. My url looks something like this
尝试使用 https 连接到服务器时,我收到此“HTTPS 主机名错误:”错误。我的网址看起来像这样
https://sub.domain.com/tamnode/webapps/app/servlet.
I connect using the following code
我使用以下代码连接
// Create a URLConnection object for a URL
URL url = new URL(requestedURL);
HttpURLConnection.setFollowRedirects(false);
// connect
connection = (HttpURLConnection) url.openConnection();
connection.setDoOutput(true);
connection.setRequestProperty("User-Agent", USER_AGENT); //$NON-NLS-1$
OutputStreamWriter wr = new OutputStreamWriter(connection
.getOutputStream());
but then get an error
但随后出现错误
IOException: HTTPS hostname wrong: should be <sub.domain.com>.
at sun.net.www.protocol.https.HttpsClient.checkURLSpoofing
....
This is code which has worked in the past but no longer. There have been some changes to the system architecture but I need to get more data before approaching those responsible.
这是过去有效但不再有效的代码。系统架构发生了一些变化,但在联系负责人之前,我需要获取更多数据。
What can cause this error? Can I turn off the URLSpoofing check?
什么会导致此错误?我可以关闭 URLSpoofing 检查吗?
采纳答案by cletus
It looks like the SSL certificate for domain.com has been given to sub.domain.com. Or, more likely, what was domain.com has been renamed to sub.domain.com without updating the SSL certificate.
domain.com 的 SSL 证书似乎已授予 sub.domain.com。或者,更可能的是,在没有更新 SSL 证书的情况下,domain.com 已重命名为 sub.domain.com。
回答by vkraemer
cletusis right about the probable cause.
cletus关于可能的原因是正确的。
There is a way to turn off the spoof checking, too.
还有一种方法可以关闭欺骗检查。
You can create an object that implements HostnameVerifierthat returns true under more circumstances than 'usual'.
您可以创建一个实现HostnameVerifier的对象,该对象在比“通常”更多的情况下返回 true。
You would replace the default HostnameVerifier by calling setHostnameVerifieron the connection object in the code in the question.
您可以通过在问题代码中的连接对象上调用setHostnameVerifier来替换默认的 HostnameVerifier 。
This answer was 'inspired by': http://www.java-samples.com/showtutorial.php?tutorialid=211
这个答案是“灵感来自”:http: //www.java-samples.com/showtutorial.php?tutorialid=211
I found that link with this query: http://www.google.com/search?q=https+hostname+wrong+should+be
我找到了这个查询的链接:http: //www.google.com/search?q= https+hostname+wrong+should+be
One more note: think twice before you do this. You will create an exploitable weakness in the security between your client and server components.
还有一点要注意:在做这件事之前要三思。您将在客户端和服务器组件之间的安全性中创建一个可利用的弱点。
回答by Muhammad Imran Tariq
I got this exception - java.io.IOException: HTTPS hostname wrong: should be <localhost>.
我得到了这个例外 - java.io.IOException: HTTPS hostname wrong: should be <localhost>。
My solution is I changed my self-signed certificate and make the CN=localhost.
我的解决方案是我更改了我的自签名证书并将CN=localhost.
OR
或者
Add your certificate domain-name cn=<domain-name>to your host file probably located at c:/windows/system32/drivers/etc/...
将您的证书域名添加cn=<domain-name>到您的主机文件中,该文件可能位于c:/windows/system32/drivers/etc/...
回答by Jure Males
The following code resolved my problem
以下代码解决了我的问题
static {
//for localhost testing only
javax.net.ssl.HttpsURLConnection.setDefaultHostnameVerifier(
new javax.net.ssl.HostnameVerifier() {
@Override
public boolean verify(String hostname,
javax.net.ssl.SSLSession sslSession) {
if (hostname.equals("your_domain")) {
return true;
}
return false;
}
});
}
回答by user11353764
Use host name (dns name) as Alias name.
使用主机名(dns 名称)作为别名。
Ex:
前任:
keytool -import -alias <google.com> -file certificate_one.cer -keystore cacerts
回答by shanmugam
Java by default verifies that the certificate CN (Common Name) is the same as hostname in the URL. If the CNin the certificate is not the same as the host name, your web service client fails with the following exception: java.io.IOException: HTTPS hostname wrong: should be hostname as in the certificates.
默认情况下,Java 会验证证书 CN(通用名称)是否与 URL 中的主机名相同。如果证书中的CN与主机名不同,您的 Web 服务客户端将失败并出现以下异常:java.io.IOException: HTTPS 主机名错误:应该是证书中的主机名。
回答by jegadeesh
This is just an alternative of 'svarog' post
这只是“svarog”帖子的另一种选择
static {
HttpsURLConnection.setDefaultHostnameVerifier((hostname, session) -> hostname.equals("domain name"));
}
![Java 中的 new Object[]{} 是什么意思?](/res/img/loading.gif)