【发布时间】:2017-05-29 03:32:04
【问题描述】:
我正在尝试以编程方式连接到安全的 Web 服务器。我有用于访问服务器的 pfx 证书,可以通过浏览器访问它。但是我收到以下错误:
java.security.cert.CertificateException:不存在主题替代名称
我正在使用的这段代码:
KeyStore keyStore = KeyStore.getInstance("PKCS12");
keyStore.load(new FileInputStream("path/to/pfxFile"), "mypassword");
KeyManagerFactory keyManagerFactory = KeyManagerFactory
.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(keyStore, "mypassword");
KeyStore trustStore = KeyStore.getInstance("JKS");
trustStore.load(new FileInputStream("path/to/cacerts"), "changeit");
TrustManagerFactory trustManagerFactory = TrustManagerFactory
.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(trustStore);
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(),
new SecureRandom());
URL url = new URL("https://XXX.XXX.XXX.XXX/MyWebService");
connection = (HttpsURLConnection) url.openConnection();
connection.setSSLSocketFactory(sslContext.getSocketFactory());
connection.setRequestProperty("Content-Type", "text/xml");
connection.setRequestMethod("GET");
connection.setConnectTimeout(120000);
connection.connect();
通过将以下内容直接放在 openConnection 调用之前,我设法找到了解决该错误的方法:
HttpsURLConnection.setDefaultHostnameVerifier((hostname, session) -> hostname.equals("XXX.XXX.XXX.XXX"));
只给我:
javax.net.ssl.SSLHandshakeException:sun.security.validator.ValidatorException:PKIX 路径构建失败:sun.security.provider.certpath.SunCertPathBuilderException:无法找到请求目标的有效证书路径
我找不到任何解决此问题的方法。我已经尝试导出证书并通过 keytool 将其添加到 cacert,但它没有帮助,我没有想法。任何帮助表示赞赏。
【问题讨论】:
标签: java ssl https certificate