当前位置:   article > 正文

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building f

javax.net.ssl.sslhandshakeexception: sun.security.validator.validatorexcepti

原因:这是SSL证书请求问题。

原代码

private String postForAPP1(String token) throws Exception {
        Map<String, Object> param = new HashMap<String, Object>();
        TxnBodyCom txnBodyCom = new TxnBodyCom();
        param.put("txnBodyCom", txnBodyCom);
//        txnCom.setTxnBodyCom(txnBodyCom);
        TxnCommCom txnCommCom = new TxnCommCom();
        txnCommCom.setTRecInPage("1111");
        txnCommCom.setTxnIttChnlCgyCode("1111");
        txnCommCom.setTStsTraceId("=01111");
        txnCommCom.setTPageJump("1111");
        txnCommCom.setTxnIttChnlId("1111111");
        param.put("txnCommCom", txnCommCom);
        JSON.toJSONString(param);

        CloseableHttpClient httpClient = HttpClients.createDefault();
        RequestConfig requestConfig = RequestConfig.custom().setSocketTimeout(300 * 1000)
                .setConnectTimeout(300 * 1000).build();
        // 创建post方式请求对象
        HttpPost post = new HttpPost("https://www.baidu.com:1111");
        post.setConfig(requestConfig);
        // 请求的数据包为raw,设置报文头为Content-Type
        post.addHeader("Content-Type", "application/json;charset=utf-8");
        post.addHeader("C-Tenancy-id", "11111");
        post.addHeader("Connection", "keep-alive");
        post.addHeader("Referer", "https://www.baidu.com:1111");
        post.addHeader("C-Dynamic-Password-Foruser", token);
        post.addHeader("C-App-Id", "11111");

        // 装载参数
        StringEntity postingString = new StringEntity(JSON.toJSONString(param), "utf-8");
        post.setEntity(postingString);
        // 执行请求并拿到结果
        HttpResponse response = null;
        String content = null;
        CloseableHttpClient client = null;
        try {
//            httpClient = buildSSLCloseableHttpClient();
            response = httpClient.execute(post);
            // 判断返回状态是否正常
            int state = response.getStatusLine().getStatusCode();

            // 获取结果实体并返回结果
            org.apache.http.HttpEntity entity = response.getEntity();
            content = EntityUtils.toString(entity);
            return content;
        }  catch (Exception e) {
            e.printStackTrace();
        } finally {
            httpClient.close();
        }
        return null;
    }

报错javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

修改代码:新增一个方法,忽略主机名称验证

/**
 * buildSSLCloseableHttpClient:(设置允许所有主机名称都可以,忽略主机名称验证)
 * @author xbq
 * @return
 * @throws Exception
 */
private static CloseableHttpClient buildSSLCloseableHttpClient() throws Exception {
    SSLContext sslContext = new SSLContextBuilder().loadTrustMaterial(null, new TrustStrategy() {
        // 信任所有
        public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException {
            return true;
        }
    }).build();
    // ALLOW_ALL_HOSTNAME_VERIFIER:这个主机名验证器基本上是关闭主机名验证的,实现的是一个空操作,并且不会抛出javax.net.ssl.SSLException异常。
    SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext, new String[] { "TLSv1.2" }, null,
            SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
    return HttpClients.custom().setSSLSocketFactory(sslsf).build();
}

在原代码处调用新增的方法

private String postForAPP1(String token) throws Exception {
        Map<String, Object> param = new HashMap<String, Object>();
        TxnBodyCom txnBodyCom = new TxnBodyCom();
        param.put("txnBodyCom", txnBodyCom);
//        txnCom.setTxnBodyCom(txnBodyCom);
        TxnCommCom txnCommCom = new TxnCommCom();
        txnCommCom.setTRecInPage("10");
        txnCommCom.setTxnIttChnlCgyCode("111111");
        txnCommCom.setTStsTraceId("1111111");
        txnCommCom.setTPageJump("1");
        txnCommCom.setTxnIttChnlId("1111");
        param.put("txnCommCom", txnCommCom);
        JSON.toJSONString(param);

        CloseableHttpClient httpClient = HttpClients.createDefault();
        RequestConfig requestConfig = RequestConfig.custom().setSocketTimeout(300 * 1000)
                .setConnectTimeout(300 * 1000).build();
        // 创建post方式请求对象
        HttpPost post = new HttpPost("https://www.baudu.com");
        post.setConfig(requestConfig);
        // 请求的数据包为raw,设置报文头为Content-Type
        post.addHeader("Content-Type", "application/json;charset=utf-8");
        post.addHeader("C-Tenancy-id", "1111111");
        post.addHeader("Connection", "keep-alive");
        post.addHeader("Referer", "https://www.baidu.com");
        post.addHeader("C-Dynamic-Password-Foruser", token);
        post.addHeader("C-App-Id", "11111111");

        // 装载参数
        StringEntity postingString = new StringEntity(JSON.toJSONString(param), "utf-8");
        post.setEntity(postingString);
        // 执行请求并拿到结果
        HttpResponse response = null;
        String content = null;
        CloseableHttpClient client = null;
        try {
           //调用新方法
            httpClient = buildSSLCloseableHttpClient();
            response = httpClient.execute(post);
            // 判断返回状态是否正常
            int state = response.getStatusLine().getStatusCode();

            // 获取结果实体并返回结果
            org.apache.http.HttpEntity entity = response.getEntity();
            content = EntityUtils.toString(entity);
            return content;
        }  catch (Exception e) {
            e.printStackTrace();
        } finally {
            httpClient.close();
        }
        return null;
    }

声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/盐析白兔/article/detail/453655
推荐阅读
相关标签
  

闽ICP备14008679号