javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed

使用HttpClient4.3 调用https出现如下错误:

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

当使用网上其他的方式的时候,出现错误:javax.net.ssl.SSLException: hostname in certificate didn‘t match: <openapi.ysepay.com> != <default.ssl.cdn.jiasule.com>

原因:这是SSL证书请求问题。

原来的代码:

 1     /**
 2      * 拼接请求参数,发起请求
 3      * @param request
 4      * @param sParaTemp
 5      * @param strMethod
 6      * @param strButtonName
 7      * @return
 8      */
 9     public static String sendRequest(String mch_id,HttpServletRequest request, Map<String, String> paraTemp) {
10         String result = null;// 返回的结果
11         CloseableHttpResponse response = null;
12         CloseableHttpClient client = null;
13
14         HttpPost httpPost = new HttpPost(SwiftpassConfig.yinsheng_YSEPAY_GATEWAY_URL); //创建HttpPost对象
15         // 存参列表
16         List <NameValuePair> params = new ArrayList<NameValuePair>();
17         // 参数不为空
18         if(!paraTemp.isEmpty()) {
19             // 遍历map,保存到List中
20             for (Map.Entry<String, String> entry : paraTemp.entrySet()) {
21                 params.add(new BasicNameValuePair(entry.getKey(), entry.getValue()));
22             }
23             try {
24                 httpPost.setEntity(new UrlEncodedFormEntity(params ,HTTP.UTF_8));
25                 // 创建 CloseableHttpClient 对象
26                 client = HttpClients.createDefault();
27                 response = client.execute(httpPost);
28                 if(response.getStatusLine().getStatusCode() == 200) {
29                     HttpEntity httpEntity = response.getEntity();
30                     //取出应答字符串
31                     result = EntityUtils.toString(httpEntity);
32                 }
33             } catch (Exception e) {
34                 e.printStackTrace();
35                 result = e.getMessage().toString();
36             }
37         }
38         return result;
39     }

修改之后的代码:

    /**
     * buildSSLCloseableHttpClient:(设置允许所有主机名称都可以,忽略主机名称验证)
     * @author xbq
     * @return
     * @throws Exception
     */
    private static CloseableHttpClient buildSSLCloseableHttpClient() throws Exception {
        SSLContext sslContext = new SSLContextBuilder().loadTrustMaterial(null, new TrustStrategy() {
            // 信任所有
            public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                return true;
            }
        }).build();
        // ALLOW_ALL_HOSTNAME_VERIFIER:这个主机名验证器基本上是关闭主机名验证的,实现的是一个空操作,并且不会抛出javax.net.ssl.SSLException异常。
        SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext, new String[] { "TLSv1" }, null,
                SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
        return HttpClients.custom().setSSLSocketFactory(sslsf).build();
    }

        /**
     * 拼接请求参数,发起请求
     * @param request
     * @param sParaTemp
     * @param strMethod
     * @param strButtonName
     * @return
     */
    public static String sendRequest(String mch_id,HttpServletRequest request, Map<String, String> paraTemp) {
        String result = null;// 返回的结果
        CloseableHttpResponse response = null;
        CloseableHttpClient client = null;

        HttpPost httpPost = new HttpPost(SwiftpassConfig.yinsheng_YSEPAY_GATEWAY_URL); //创建HttpPost对象
        // 存参列表
        List <NameValuePair> params = new ArrayList<NameValuePair>();
        // 参数不为空
        if(!paraTemp.isEmpty()) {
            // 遍历map,保存到List中
            for (Map.Entry<String, String> entry : paraTemp.entrySet()) {
                params.add(new BasicNameValuePair(entry.getKey(), entry.getValue()));
            }
            try {
                httpPost.setEntity(new UrlEncodedFormEntity(params ,HTTP.UTF_8));
                // 调用方法,创建 CloseableHttpClient 对象
                client = buildSSLCloseableHttpClient();
                response = client.execute(httpPost);
                if(response.getStatusLine().getStatusCode() == 200) {
                    HttpEntity httpEntity = response.getEntity();
                    //取出应答字符串
                    result = EntityUtils.toString(httpEntity);
                }
            } catch (Exception e) {
                e.printStackTrace();
                result = e.getMessage().toString();
            }
        }
        return result;
    }
时间: 2024-10-25 03:58:40

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed的相关文章

mvn 编译报错mavn sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested targ

mavn 编译报错: mavn sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target 解决方案: The fact is that your maven plugin try

解决 sun.security.validator.ValidatorException: PKIX path building failed

今天用java HttpClients写爬虫在访问某Https站点报如下错误: sun.security.validator.ValidatorException: PKIX path building failed... 网上找了找解决方案,看到这篇博客:http://www.oschina.net/question/12_19249 经测试,解决问题,这里做个记录.

异常解决:sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

前几天用JSOUP写爬虫Demo时,遇到这个异常 百度了一番原来是因为目标站点启用了HTTPS  而缺少安全证书时出现的异常,大概解决办法有2种: 1. 手动导入安全证书(嫌麻烦 没使用); 2. 忽略证书验证. 相对于来说简单一点,在发起请求前调用这个方法,问题解决. ``` java // 包不要导错了 import javax.net.ssl.*; import java.security.SecureRandom; import java.security.cert.Certificat

HttpClient_javax.net.ssl.SSLHandshakeException: sun.security.validator 问题解决,与环境有关

用httpclient访问https 资源时,会出现异常,与环境也有关系,有些机器请求正常. javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification p

ValidatorException: PKIX path building failed

参考: https://my.oschina.net/fdhay/blog/677226 javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification pat

andorid HTTPS 不需要证书 VolleyEror: com.android.volley.NoConnectionError: javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not fou

1.加证书(这里不说) 2.修改代码 import java.security.KeyManagementException;import java.security.NoSuchAlgorithmException;import java.security.SecureRandom;import java.security.cert.X509Certificate;import javax.net.ssl.HostnameVerifier;import javax.net.ssl.HttpsU

使用Maven时出现“jssecacerts PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilde”错误

[]解决方法: 方法一:忽略SSL证书检查 在Maven命令后加入参数“-Dmaven.wagon.http.ssl.insecure=true -Dmaven.wagon.http.ssl.allowall=true” 方法二. 生成JDK证书并导入JRE security中 1. 生成JDK证书 import javax.net.ssl.*; import java.io.*; import java.security.KeyStore; import java.security.Messa

解决 Java 调用 Azure SDK 证书错误 javax.net.ssl.SSLHandshakeException

Azure 作为微软的公有云平台,提供了非常丰富的 SDK 和 API 让开发人员可以非常方便的调用的各项服务,目前除了自家的 .NET.Java.Python. nodeJS.Ruby,PHP 等语言都提供支持,详细的文档说明请参考: https://azure.microsoft.com/en-us/documentation/ 然而在使用过程中,以 Java 语言为例,在初始调用 Azure SDK/API 的时候大家会碰到类似下面的错误: [WARN] ServiceBusContrac

javax.net.ssl.SSLHandshakeException

遇到证书问题:Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested targetat sun