- 浏览: 822676 次
- 性别:
- 来自: 株洲->深圳
文章分类
- 全部博客 (283)
- JAVA (54)
- 数据库 (25)
- Linux (22)
- Spring (9)
- Hibernate (7)
- mybatis (1)
- struts (10)
- javascript (22)
- Web (11)
- 异常 (30)
- 工具 (21)
- pay (9)
- 软件相关 (7)
- 其它 (28)
- python (1)
- 缓存 (9)
- 面试题 (2)
- 代码规范 (14)
- 网络编程 (1)
- 架构设计 (1)
- 程序测试 (3)
- 移动 (1)
- 安全 (2)
- 服务器 (4)
- 程序员 (1)
- php (4)
- 非技术 (7)
- web容器 (3)
- 竞彩篮球 (1)
- nginx (5)
- 加密 (2)
- jquery (2)
- 原理 (2)
- 项目管理 (1)
- www..betradar.com (0)
- www.betradar.com (1)
- 爬虫 (1)
最新评论
-
July01:
有一款web 打印控件StratoIO,浏览器和系统的兼容性都 ...
WEB免费打印控件推荐(4款) -
lihaimian:
你好,有个问题咨询一个,为何我在java中,无法使用与运算符, ...
位运算、异或的实际应用 -
小黄牛:
很好谢谢分享!推荐几篇spring boot基础入门文章:ht ...
Spring Boot 快速入门 (官方quick start) -
littlesheep:
我按照你的方法从新生成了密钥可是还是报者个错误...
狗日的支付宝 -
di1984HIT:
学习了~~~
javassist:增强型的java反射工具,获取方法参数名
javax.net.ssl.SSLHandshakeException: sun.security.validator 问题解决,与环境有关
- 博客分类:
- JAVA
用httpclient访问https 资源时,会出现异常,与环境也有关系,有些机器请求正常.
错误详情:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1623) at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:198) at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:192) at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1074) at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:128) at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:529) at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:465) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1120) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1147) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1131) at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:434) at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166) at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1049) at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234) at com.msd.payCenter.msdPay.yeePay.util.HttpUtils.URLGet(HttpUtils.java:67) at com.msd.payCenter.msdPay.yeePay.service.impl.YeePayServiceImpl.yeeAutoCheckOrder(YeePayServiceImpl.java:298) at com.msd.payCenter.msdPay.AutoCheckOrderServiceImpl.autoCheckOrder(AutoCheckOrderServiceImpl.java:83) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
解决方法:
增加一个自己的https协议类 MySSLSocketFactory.java
package com.nassir.hc3; import java.io.IOException; import java.net.InetAddress; import java.net.InetSocketAddress; import java.net.Socket; import java.net.SocketAddress; import java.net.UnknownHostException; import java.security.KeyManagementException; import java.security.NoSuchAlgorithmException; import java.security.cert.CertificateException; import java.security.cert.X509Certificate; import javax.net.SocketFactory; import javax.net.ssl.SSLContext; import javax.net.ssl.TrustManager; import javax.net.ssl.X509TrustManager; import org.apache.commons.httpclient.ConnectTimeoutException; import org.apache.commons.httpclient.params.HttpConnectionParams; import org.apache.commons.httpclient.protocol.ProtocolSocketFactory; public class MySSLSocketFactory implements ProtocolSocketFactory { static { System.out.println(">>>>in MySSLSocketFactory>>"); } private SSLContext sslcontext = null; private SSLContext createSSLContext() { SSLContext sslcontext = null; try { sslcontext = SSLContext.getInstance("SSL"); sslcontext.init(null, new TrustManager[] { new TrustAnyTrustManager() }, new java.security.SecureRandom()); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } catch (KeyManagementException e) { e.printStackTrace(); } return sslcontext; } private SSLContext getSSLContext() { if (this.sslcontext == null) { this.sslcontext = createSSLContext(); } return this.sslcontext; } public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException, UnknownHostException { return getSSLContext().getSocketFactory().createSocket(socket, host, port, autoClose); } public Socket createSocket(String host, int port) throws IOException, UnknownHostException { return getSSLContext().getSocketFactory().createSocket(host, port); } public Socket createSocket(String host, int port, InetAddress clientHost, int clientPort) throws IOException, UnknownHostException { return getSSLContext().getSocketFactory().createSocket(host, port, clientHost, clientPort); } public Socket createSocket(String host, int port, InetAddress localAddress, int localPort, HttpConnectionParams params) throws IOException, UnknownHostException, ConnectTimeoutException { if (params == null) { throw new IllegalArgumentException("Parameters may not be null"); } int timeout = params.getConnectionTimeout(); SocketFactory socketfactory = getSSLContext().getSocketFactory(); if (timeout == 0) { return socketfactory.createSocket(host, port, localAddress, localPort); } else { Socket socket = socketfactory.createSocket(); SocketAddress localaddr = new InetSocketAddress(localAddress, localPort); SocketAddress remoteaddr = new InetSocketAddress(host, port); socket.bind(localaddr); socket.connect(remoteaddr, timeout); return socket; } } private static class TrustAnyTrustManager implements X509TrustManager { public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { } public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { } public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[] {}; } } }
请求类:
/** * */ package com.nassir.hc3; import java.io.IOException; import java.io.InputStream; import org.apache.commons.httpclient.HttpClient; import org.apache.commons.httpclient.HttpException; import org.apache.commons.httpclient.HttpMethod; import org.apache.commons.httpclient.methods.PostMethod; import org.apache.commons.httpclient.protocol.Protocol; /** * @author nassir wen * @data 2012-3-31 下午05:09:13 * @version V2.5 * @Company: MSD. * @Copyright Copyright (c) 2012 */ public class HttpsRequest { /** * * @param url * @return */ public static String post(String url) { //增加下面两行代码 Protocol myhttps = new Protocol("https", new MySSLSocketFactory(), 443); Protocol.registerProtocol("https", myhttps); HttpClient client = new HttpClient(); HttpMethod post = new PostMethod(url); try { client.executeMethod(post); byte[] responseBody = post.getResponseBody(); String result = new String(responseBody,"GBK"); return result; } catch (HttpException e) { e.printStackTrace(); } catch (IOException e) { e.printStackTrace(); } finally { post.releaseConnection(); } return null; } }
测试:
public static void main(String[] args) { System.out.println(HttpsRequest.post("https://www.alipay.com"));//支付宝做测试 }
解决方案来源:http://hi.baidu.com/69hwj/blog/item/3e9e457bf2f8b1f10bd18766.html
附件包含:以上代码以及httpclient3.x与httpclient4.x 事例.
评论
1 楼
Trinea
2013-08-28
可通过客户端信任所有证书或是服务器端添加证书两种方式解决,具体原因分析及解决方式见:http://www.trinea.cn/android/android-java-https-ssl-exception-2/
发表评论
-
linux 服务器挂载出问题,导致写文件失败,程序超时
2014-07-11 11:07 0linux 服务器挂载出问题,导致写文件失败,程序超时 -
HessianProxy cannot connect to 'http://localhost
2014-04-12 10:57 3278HessianProxy cannot connect t ... -
位运算、异或的实际应用
2013-12-24 15:53 10879一. 位操作基础,用 ... -
了解LinkedList原理
2013-12-25 14:38 11651.LinkedList介绍 线性链表集合,循环链表ht ... -
了解ArrayList原理
2013-12-18 10:45 11141.ArrayList 介绍 有序集合,按顺序存储元素 ... -
java Cookie的有效期
2013-12-03 19:55 6022Cookie的有效期 Cookie的maxAge决定着Co ... -
10 道 Java 泛型面试题
2013-10-20 19:07 1799关于泛型的面试题在 Java面试中变得越来越常见,因为 Ja ... -
tomcat 访问记录日志
2013-05-17 01:43 1725Tomcat7.0.xx访问请求记录是默认打开的 ... -
支付宝RSA 公私钥 程序生成,openssl rsa 密钥程序生成,想要多少有多少
2013-05-01 00:21 30521.先配置好openssl 环境变量 保证cmd 输 ... -
MD2withRSA is disabled
2013-04-25 14:44 1758请求https报以一错误: javax.net.ssl.S ... -
狗日的支付宝
2013-04-24 23:26 14710用openssl 生成的密钥老是报以下错误: ja ... -
quartz 启动时会自动启动检测是否有可用的新版本
2013-04-24 20:06 1844日志提示: [org.quartz.utils.Updat ... -
Data truncation: Incorrect datetime value: '' for column 'createTime' at row
2013-03-22 17:11 22000mysql SQL Error: 0, SQLState: ... -
session失效通过头信息判断跳转
2013-03-13 18:06 1673/** * 拦截用户是否登录跳转到登录页 * 页面请 ... -
jsonlib转换树型数据没其它框架好
2013-01-26 14:39 1442jsonlib的性能请看这篇文章:http://wangym ... -
[ava.net.SocketException四大异常解决方案
2012-12-05 12:31 5301java.net.SocketException如何才能 ... -
SSM1.0中UpdateSingleCache 参数keyIndex,dataIndex解释
2012-08-31 00:21 1438simple-spring-memcached 简称:ssm ... -
simple-spring-memcached-3.0.x 注解详解
2012-08-10 18:37 4631@CacheName: 指定缓存实例注解 @Cach ... -
simple-spring-memcached-3.0.x 用了lombok类库记录一下
2012-08-08 12:20 1502消除冗长的 Java 代码 Lombok Lombok ... -
Ehcache集群使用
2012-07-21 15:48 4795集群的事例是由别人提供(附件也提供下载,我将相关包已导入),我 ...
相关推荐
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure的一个解决方案-附件资源
NULL 博文链接:https://xusaomaiss.iteye.com/blog/723167
访问带https请求忽略ssl证书,避免url.openStream报错javax.net.ssl.SSLHandshakeException url = new URL(imageUrl); if("https".equalsIgnoreCase(url.getProtocol())){ SslUtils.ignoreSsl(); } //不添加...
解决webMagic0.7.3 出现javax.net.ssl.SSLException: Received fatal alert: protocol_version的问题-附件资源
然而,当你遇到“javax.net.ssl.SSLException: java.lang.RuntimeException: Could not generate DH keypair”的错误时,这意味着在建立SSL/TLS连接时,Diffie-Hellman(DH)密钥交换算法遇到了问题。DH是一种非对称...
这一库主要提供了`javax.net.ssl`包,包括了SSL/TLS相关的各种类,如`SSLSocket`、`SSLServerSocket`、`SSLEngine`等,它们是构建安全网络连接的基础。`SSLSocket`用于创建客户端到服务器的安全连接,而`...
加密是报:javax.net.ssl.SSLException: java.lang.RuntimeException: Could not generate DH keypair 此处提供 bcprov-ext-jdk15on-154.jar 和 bcprov-jdk15on-154.jar 压缩包中有使用说明
虽然上述方法可以解决问题,但在实际应用中,应优先考虑提高安全性,例如更新设备的SSL/TLS库、使用受信任的证书和现代加密套件。在测试和调试过程中,务必遵循最小权限原则,只在必要时放宽安全设置。
javax.net.ssl.SSLHandshakeException:Chain validation failed timestamp check failed Certificate expired at Wed Nov 20 20:00:00 GMT+08:00 2019 (compared to Mon N… 当你遇到了类似以上的报错,先来说结论:...
在解决问题时,需要注意一些重要的信息: * 确保密钥库文件和信任库文件的正确性,避免出现密钥不匹配的问题。 * 确保 SSL/TLS 协议的版本正确,避免出现版本不匹配的问题。 * 确保应用程序的配置正确,避免出现...
MQTTv5版的客户端库,原地址:... 本资源合入了解决低于android7.0报错Caused by: java.lang.ClassNotFoundException: Didn't find class "javax.net.ssl.SNIHostName"的问题。
bcprov-ext-jdk15on-1.60、bcprov-jdk15on-1.60两个包放到jre下的$JAVA_HOME/jre/lib/ext的路径下,然后配置$JAVA_HOME/jre/lib/security/java.security,找到security.provider.9,然后在这句话下面加上:security....
0.7.3版本是WebMagic的一个稳定版本,据描述在实际项目中得到了良好的应用,没有发现明显的错误,这表明其在稳定性与效率方面有不错的表现。 Web爬虫是用于自动化抓取互联网数据的一种程序。它能够遍历网页,提取所...
赠送jar包:javax.mail-1.5.6.jar; 赠送原API文档:javax.mail-1.5.6-javadoc.jar; 赠送源代码:javax.mail-1.5.6-sources.jar; 赠送Maven依赖信息文件:javax.mail-1.5.6.pom; 包含翻译后的API文档:javax.mail...
import javax.net.ssl.SSLHandshakeException; public class CustomSSLSocketFactory { public static OkHttpClient getUnsafeOkHttpClient() { try { // 创建一个新的OkHttpClient.Builder实例 OkHttpClient....
在Java编程中,`java.lang.RuntimeException` 是一个非检查...通过细致的代码审查、良好的异常处理和充分的测试,你可以有效地定位和解决问题。在实际开发中,一定要重视异常处理,因为它们是暴露潜在问题的重要途径。
HTTP Status 500 - javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find ...
首先,`javax.imageio.IIOException`是Java标准库中的一个异常类型,它继承自`IOException`,专门用于处理与图像输入输出相关的错误。当`ImageIO`类库尝试读取或写入图像文件时,如果遇到不支持的图像类型,就会抛出...