java javax.net.ssl.SSLPeerUnverifiedException:peer 未通过身份验证问题
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/37795204/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated issue
提问by Pradhumn Sharma
I am using HttpClient-4.2.1and already added certificate on server but still I am getting below error.
我正在使用HttpClient-4.2.1并且已经在服务器上添加了证书,但仍然出现以下错误。
I have read existing issue saying to add TrustManager (X509TrustManager) but as per my thinking this is not solution. If I am wrong please correct me.
我已经阅读了现有的问题,说要添加 TrustManager ( X509TrustManager) 但据我所知,这不是解决方案。如果我错了,请纠正我。
javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
at sun.security.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:397)
at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)
at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:572)
at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:180)
at org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:294)
at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:640)
at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:479)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:906)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:805)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:784)
采纳答案by SkyWalker
You can use this code. Hope it will solve your issue.
您可以使用此代码。希望它能解决你的问题。
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
......
private static HttpClient getHttpClient() {
try {
SSLContext sslContext = SSLContext.getInstance("SSL");
sslContext.init(null,
new TrustManager[]{new X509TrustManager() {
public X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkClientTrusted(
X509Certificate[] certs, String authType) {
}
public void checkServerTrusted(
X509Certificate[] certs, String authType) {
}
}}, new SecureRandom());
SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(sslContext,SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
HttpClient httpClient = HttpClientBuilder.create().setSSLSocketFactory(socketFactory).build();
return httpClient;
} catch (Exception e) {
e.printStackTrace();
return HttpClientBuilder.create().build();
}
}
The exception will no longer be thrown, when the certification is expired, the browser will issues a warning about an expired certificate and let user confirm.
不再抛出异常,当证书过期时,浏览器会发出证书过期的警告并让用户确认。
