使用jdk 1.6时SSLHandshake异常
[英]SSLHandshake Exception while using jdk 1.6
问题描述
I am trying to connect to a REST webservice using HTTPClient / URLConnection. 
我正在尝试使用HTTPClient / URLConnection连接到REST Web服务。 Its a simple code that works fine in jdk 1.7 but throws a SSLHandshake Exception while using jdk1.6 它是一个简单的代码,可以在jdk 1.7中正常工作,但是在使用jdk1.6时会抛出SSLHandshake异常
IO Exception: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative DNS name matching your.domain.name.com found.
...
Caused by: java.security.cert.CertificateException: No subject alternative DNS name matching your.domain.name.com found.
Also, the code is very basic 另外,代码非常基础
URL url = new URL("https://your.domain.name.com/services/");
HttpsURLConnection urlConnection = (HttpsURLConnection) url.openConnection();
urlConnection.setRequestProperty("Authorization", "Basic " + encodedCredenials);
urlConnection.setRequestProperty("Content-Type", "application/vnd.mtdomain.gold+json");
InputStream is = urlConnection.getInputStream();
Is this a known issue between jdk 1.6 and 1.7 ? 这是jdk 1.6和1.7之间的已知问题吗? How can we get this fixed ? 我们如何解决这个问题? I am not much fluent with SSL related issues. 我不太了解SSL相关问题。
1 个解决方案
解决方案1
0 2015-09-08 04:55:49
This issue might be happened due to the below reasons (wrong url, corruped certificate or not valid certificate). 由于以下原因(URL错误,证书损坏或证书无效),可能会发生此问题。
To install the certifcate please use the below syntax. 要安装证书,请使用以下语法。
Default Keystore Installing Certificate to the Default Keystore (JDK cacerts) 1. Export the certificate from the server (.cer) 2. Open command prompt and go to JAVA_HOME/jre/lib/security 3. Execute the following command 默认密钥库将证书安装到默认密钥库(JDK cacerts)1.从服务器(.cer)导出证书2.打开命令提示符并转到JAVA_HOME / jre / lib / security 3.执行以下命令
Windows 视窗
keytool -import -v -alias -keystore cacerts -file \\.cer
Password: changeit
Unix Unix的
/bin/keytool -import -v -alias -keystore cacerts -file \\.cer
Password: changeit
- Select option 'yes' and press enter 选择选项“是”,然后按Enter
Custom Keystore Installing Certificate to the Custom Keystore 1. Export the certificate from the server (.cer) 2. Open command prompt and go the location where you want to create your custom keystore 3. Execute the following command Windows keytool -import -v -trustcacerts -alias -file \\.cer -keystore .jks -keypass changeit Password: changeit 定制密钥库将证书安装到定制密钥库1.从服务器(.cer)导出证书2.打开命令提示符,然后转到要创建定制密钥库的位置。3.执行以下命令Windows keytool -import -v- trustcacerts-别名-file \\ .cer -keystore .jks -keypass changeit密码:changeit
Unix /bin/ keytool -import -v -trustcacerts -alias -file \\.cer -keystore .jks -keypass changeit Password: changeit Unix / bin / keytool -import -v -trustcacerts -alias -file \\ .cer -keystore .jks -keypass changeit密码:changeit
- Select option 'yes' and press enter 选择选项“是”,然后按Enter
Add the following System variables when invoking Custom Keystore 调用自定义密钥库时添加以下系统变量
-Dweblogic.security.SSL.ignoreHostnameVerification=true -Dweblogic.security.TrustKeyStore=CustomTrust -
Dweblogic.security.CustomTrustKeyStoreFileName=<location>/<keystore-name>.jks -Djavax.net.ssl.trustStore=<location>/<keystore-name>.jks -Djavax.net.ssl.trustStorePassword=changeit
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.