javax.net.ssl.SSLException: hostname in certificate didn't match:
使用HttpClinet 遇到
javax.net.ssl.SSLException: hostname in certificate didn't match: <cpd.vivo.com.cn> != <*.cdn.myqcloud.com> OR <*.cdn.myqcloud.com> OR <*.2144.cn> OR <*.2144.com> OR
錯(cuò)誤
?需要修改HttpClinet代碼
@SuppressWarnings("deprecation")public static String httpPost(String url,Map<String,String> params,String cookie){String result = null;DefaultHttpClient httpClient = new DefaultHttpClient();httpClient.getParams().setParameter(CoreConnectionPNames.CONNECTION_TIMEOUT, 60000); // 連接超時(shí)時(shí)間httpClient.getParams().setParameter(CoreConnectionPNames.SO_TIMEOUT, 90000); // 數(shù)據(jù)傳輸時(shí)間//創(chuàng)建TrustManagerX509TrustManager xtm = new X509TrustManager() {@SuppressWarnings("unused")public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {}@SuppressWarnings("unused")public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {}@Overridepublic void checkClientTrusted(java.security.cert.X509Certificate[] arg0, String arg1)throws java.security.cert.CertificateException {}@Overridepublic void checkServerTrusted(java.security.cert.X509Certificate[] arg0, String arg1)throws java.security.cert.CertificateException {}@Overridepublic java.security.cert.X509Certificate[] getAcceptedIssuers() {return null;}};//這個(gè)好像是HOST驗(yàn)證X509HostnameVerifier hostnameVerifier = new X509HostnameVerifier() {public boolean verify(String arg0, SSLSession arg1) {return true;}public void verify(String arg0, SSLSocket arg1) throws IOException {}public void verify(String arg0, String[] arg1, String[] arg2) throws SSLException {}@SuppressWarnings("unused")public void verify(String arg0, X509Certificate arg1) throws SSLException {}@Overridepublic void verify(String arg0, java.security.cert.X509Certificate arg1) throws SSLException {}};try {//TLS1.0與SSL3.0基本上沒(méi)有太大的差別,可粗略理解為TLS是SSL的繼承者,但它們使用的是相同的SSLContextSSLContext ctx = SSLContext.getInstance("TLS");//使用TrustManager來(lái)初始化該上下文,TrustManager只是被SSL的Socket所使用ctx.init(null, new TrustManager[] { xtm }, null);//創(chuàng)建SSLSocketFactorySSLSocketFactory socketFactory = new SSLSocketFactory(ctx);socketFactory.setHostnameVerifier(hostnameVerifier);//通過(guò)SchemeRegistry將SSLSocketFactory注冊(cè)到我們的HttpClient上httpClient.getConnectionManager().getSchemeRegistry().register(new Scheme("https", socketFactory, 443));} catch (KeyManagementException e1) {e1.printStackTrace();} catch (NoSuchAlgorithmException e1) {e1.printStackTrace();}HttpPost post = null;post = new HttpPost(url);post.setHeader("Content-type", "application/x-www-form-urlencoded; charset=utf-8");post.setHeader("Cookie",cookie);// 參數(shù)List<NameValuePair> list = new ArrayList<NameValuePair>();Set<String> keySet = params.keySet();for(String key:keySet){list.add(new BasicNameValuePair(key, params.get(key)));}try {post.setEntity(new UrlEncodedFormEntity(list,HTTP.UTF_8));HttpResponse response = httpClient.execute(post);result = reponse2String(response);} catch (UnsupportedEncodingException e) {e.printStackTrace();} catch (ClientProtocolException e) {e.printStackTrace();} catch (IOException e) {e.printStackTrace();}// 關(guān)閉httpClient.getConnectionManager().shutdown();return result;}主要代碼
//創(chuàng)建TrustManager
?? ??? ?X509TrustManager xtm = new X509TrustManager() {
?? ??? ??? ?@SuppressWarnings("unused")
?? ??? ??? ?public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {}
?? ??? ??? ?@SuppressWarnings("unused")
?? ??? ??? ?public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {}
?? ??? ??? ?@Override
?? ??? ??? ?public void checkClientTrusted(java.security.cert.X509Certificate[] arg0, String arg1)
?? ??? ??? ??? ??? ?throws java.security.cert.CertificateException {
?? ??? ??? ??? ?
?? ??? ??? ?}
?? ??? ??? ?@Override
?? ??? ??? ?public void checkServerTrusted(java.security.cert.X509Certificate[] arg0, String arg1)
?? ??? ??? ??? ??? ?throws java.security.cert.CertificateException {
?? ??? ??? ??? ?
?? ??? ??? ?}
?? ??? ??? ?@Override
?? ??? ??? ?public java.security.cert.X509Certificate[] getAcceptedIssuers() {
?? ??? ??? ??? ?return null;
?? ??? ??? ?}
?? ??? ?};
?? ??? ?//這個(gè)好像是HOST驗(yàn)證
?? ??? ?X509HostnameVerifier hostnameVerifier = new X509HostnameVerifier() {
?? ??? ??? ?public boolean verify(String arg0, SSLSession arg1) {
?? ??? ??? ??? ?return true;
?? ??? ??? ?}
?? ??? ??? ?public void verify(String arg0, SSLSocket arg1) throws IOException {}
?? ??? ??? ?public void verify(String arg0, String[] arg1, String[] arg2) throws SSLException {}
?? ??? ??? ?@SuppressWarnings("unused")
?? ??? ??? ?public void verify(String arg0, X509Certificate arg1) throws SSLException {}
?? ??? ??? ?@Override
?? ??? ??? ?public void verify(String arg0, java.security.cert.X509Certificate arg1) throws SSLException {
?? ??? ??? ??? ?
?? ??? ??? ?}
?? ??? ?};
?? ??? ?
?? ??? ?try {
?? ??? ??? ?//TLS1.0與SSL3.0基本上沒(méi)有太大的差別,可粗略理解為TLS是SSL的繼承者,但它們使用的是相同的SSLContext
?? ??? ??? ?SSLContext ctx = SSLContext.getInstance("TLS");
?? ??? ??? ?//使用TrustManager來(lái)初始化該上下文,TrustManager只是被SSL的Socket所使用
?? ??? ??? ?ctx.init(null, new TrustManager[] { xtm }, null);
?? ??? ??? ?//創(chuàng)建SSLSocketFactory
?? ??? ??? ?SSLSocketFactory socketFactory = new SSLSocketFactory(ctx);
?? ??? ??? ?socketFactory.setHostnameVerifier(hostnameVerifier);
?? ??? ??? ?//通過(guò)SchemeRegistry將SSLSocketFactory注冊(cè)到我們的HttpClient上
?? ??? ??? ?httpClient.getConnectionManager().getSchemeRegistry().register(new Scheme("https", socketFactory, 443));
?? ??? ?} catch (KeyManagementException e1) {
?? ??? ??? ?e1.printStackTrace();
?? ??? ?} catch (NoSuchAlgorithmException e1) {
?? ??? ??? ?e1.printStackTrace();
?? ??? ?}
總結(jié)
以上是生活随笔為你收集整理的javax.net.ssl.SSLException: hostname in certificate didn't match:的全部?jī)?nèi)容,希望文章能夠幫你解決所遇到的問(wèn)題。
- 上一篇: R语言与多元线性回归分析计算实例
- 下一篇: TSN算法的PyTorch代码解读(训练