javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed
阿新 • • 發佈:2017-08-04
span color create utf ray [] ret res 調用方法
使用HttpClient4.3 調用https出現如下錯誤:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
當使用網上其他的方式的時候,出現錯誤:javax.net.ssl.SSLException: hostname in certificate didn‘t match: <openapi.ysepay.com> != <default.ssl.cdn.jiasule.com>
原因:這是SSL證書請求問題。
原來的代碼:
1 /** 2 * 拼接請求參數,發起請求 3 * @param request 4 * @param sParaTemp 5 * @param strMethod 6 * @param strButtonName 7 * @return 8 */ 9 public static String sendRequest(String mch_id,HttpServletRequest request, Map<String, String> paraTemp) {10 String result = null;// 返回的結果 11 CloseableHttpResponse response = null; 12 CloseableHttpClient client = null; 13 14 HttpPost httpPost = new HttpPost(SwiftpassConfig.yinsheng_YSEPAY_GATEWAY_URL); //創建HttpPost對象 15 // 存參列表 16 List <NameValuePair> params = newArrayList<NameValuePair>(); 17 // 參數不為空 18 if(!paraTemp.isEmpty()) { 19 // 遍歷map,保存到List中 20 for (Map.Entry<String, String> entry : paraTemp.entrySet()) { 21 params.add(new BasicNameValuePair(entry.getKey(), entry.getValue())); 22 } 23 try { 24 httpPost.setEntity(new UrlEncodedFormEntity(params ,HTTP.UTF_8)); 25 // 創建 CloseableHttpClient 對象 26 client = HttpClients.createDefault(); 27 response = client.execute(httpPost); 28 if(response.getStatusLine().getStatusCode() == 200) { 29 HttpEntity httpEntity = response.getEntity(); 30 //取出應答字符串 31 result = EntityUtils.toString(httpEntity); 32 } 33 } catch (Exception e) { 34 e.printStackTrace(); 35 result = e.getMessage().toString(); 36 } 37 } 38 return result; 39 }
修改之後的代碼:
/** * buildSSLCloseableHttpClient:(設置允許所有主機名稱都可以,忽略主機名稱驗證) * @author xbq * @return * @throws Exception */ private static CloseableHttpClient buildSSLCloseableHttpClient() throws Exception { SSLContext sslContext = new SSLContextBuilder().loadTrustMaterial(null, new TrustStrategy() { // 信任所有 public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException { return true; } }).build(); // ALLOW_ALL_HOSTNAME_VERIFIER:這個主機名驗證器基本上是關閉主機名驗證的,實現的是一個空操作,並且不會拋出javax.net.ssl.SSLException異常。 SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext, new String[] { "TLSv1" }, null, SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); return HttpClients.custom().setSSLSocketFactory(sslsf).build(); } /** * 拼接請求參數,發起請求 * @param request * @param sParaTemp * @param strMethod * @param strButtonName * @return */ public static String sendRequest(String mch_id,HttpServletRequest request, Map<String, String> paraTemp) { String result = null;// 返回的結果 CloseableHttpResponse response = null; CloseableHttpClient client = null; HttpPost httpPost = new HttpPost(SwiftpassConfig.yinsheng_YSEPAY_GATEWAY_URL); //創建HttpPost對象 // 存參列表 List <NameValuePair> params = new ArrayList<NameValuePair>(); // 參數不為空 if(!paraTemp.isEmpty()) { // 遍歷map,保存到List中 for (Map.Entry<String, String> entry : paraTemp.entrySet()) { params.add(new BasicNameValuePair(entry.getKey(), entry.getValue())); } try { httpPost.setEntity(new UrlEncodedFormEntity(params ,HTTP.UTF_8)); // 調用方法,創建 CloseableHttpClient 對象 client = buildSSLCloseableHttpClient(); response = client.execute(httpPost); if(response.getStatusLine().getStatusCode() == 200) { HttpEntity httpEntity = response.getEntity(); //取出應答字符串 result = EntityUtils.toString(httpEntity); } } catch (Exception e) { e.printStackTrace(); result = e.getMessage().toString(); } } return result; }
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed