Java代码忽略https证书(解决No|Java代码忽略https证书:解决No subject alternative names present问题)
一、背景:最近一个做一个项目需要在java代码使用https请求调用第三方接口,但是postman设置好的内容在代码汇总报错
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names present
【Java代码忽略https证书(解决No|Java代码忽略https证书:解决No subject alternative names present问题)】
文章图片
二、解决办法
1.错误为证书问题。因为本身https请求就对证书有要求,于是将代码修改如下,可以绕过证书问题,亲测可用!
2.以下代码可解决上述问题:
import java.io.IOException;
import java.io.InputStream;
import java.net.HttpURLConnection;
import java.net.URL;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
public class Restful {
public static void main(String[] args) throws IOException, KeyManagementException, NoSuchAlgorithmException {
HttpsURLConnection.setDefaultHostnameVerifier(new Restful().new NullHostNameVerifier());
SSLContext sc = SSLContext.getInstance("TLS");
sc.init(null, trustAllCerts, new SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
URL url = new URL(
"https://xxx.xxx.xxx.xxx:xxxx/ValidateToken/rest/username?token=60f9102ad04b3129feea3ffad7af3f88");
// 打开restful链接
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("POST");
// POST GET PUT DELETE
// 设置访问提交模式,表单提交
conn.setRequestProperty("Content-Type", "application/json;
charset=utf-8");
conn.setConnectTimeout(130000);
// 连接超时 单位毫秒
conn.setReadTimeout(130000);
// 读取超时 单位毫秒
// 读取请求返回值
byte bytes[] = new byte[1024];
InputStream inStream = conn.getInputStream();
inStream.read(bytes, 0, inStream.available());
System.out.println(new String(bytes, "utf-8"));
}
static TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
// TODO Auto-generated method stub
}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
// TODO Auto-generated method stub
}
@Override
public X509Certificate[] getAcceptedIssuers() {
// TODO Auto-generated method stub
return null;
}
} };
public class NullHostNameVerifier implements HostnameVerifier {
/*
* (non-Javadoc)
*
* @see javax.net.ssl.HostnameVerifier#verify(java.lang.String,
* javax.net.ssl.SSLSession)
*/
@Override
public boolean verify(String arg0, SSLSession arg1) {
// TODO Auto-generated method stub
return true;
}
}
}
推荐阅读
- JAVA(抽象类与接口的区别&重载与重写&内存泄漏)
- CVE-2020-16898|CVE-2020-16898 TCP/IP远程代码执行漏洞
- 那件我们忽略的小事叫感恩
- 事件代理
- Java|Java OpenCV图像处理之SIFT角点检测详解
- java中如何实现重建二叉树
- 数组常用方法一
- 不废话,代码实践带你掌握|不废话,代码实践带你掌握 强缓存、协商缓存!
- 【Hadoop踩雷】Mac下安装Hadoop3以及Java版本问题
- 工具|后天就是七夕节,你准备好了吗(送上几个七夕代码,展示你技能的时候到了!)