具有自签名证书的Java SSLHandshakeException
[英]Java SSLHandshakeException with self-signed certificate
问题描述
I am trying to access local https site with self-signed certificate. 
我正在尝试使用自签名证书访问本地https站点。 I modified the hostfile and I assigned an Ip address to my localsite; 我修改了主机文件,并为本地站点分配了一个IP地址。 the code I am using to get to the site: 我用来访问该网站的代码:
String httpsURL = "https://test-ssl.com";
URL myurl = new URL(httpsURL);
HttpsURLConnection con = (HttpsURLConnection)myurl.openConnection();
InputStream ins = con.getInputStream();
InputStreamReader isr = new InputStreamReader(ins);
BufferedReader in = new BufferedReader(isr);
String inputLine;
while ((inputLine = in.readLine()) != null)
{
System.out.println(inputLine);
}
in.close();
}
and I am getting this Error Message: 我收到此错误消息:
Exception in thread "main" javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1904)
I have imported the self-signed certificate into the keystore using following this command: 我已使用以下命令将自签名证书导入密钥库:
keytool -import -alias site-ssl -keystore cacerts -file site-ssl.com.cer
Certificate was imported successfully 证书已成功导入
what am I missing here? 我在这里想念什么?
1 个解决方案
解决方案1
1 2016-04-29 05:04:07
You should try it with a hostname instead of the IP address in the URL. 您应该尝试使用主机名代替URL中的IP地址。 It's trying to do hostname verification, and the certificate doesn't contain a Subject Alternative Name for 192.168.1.6 . 它正在尝试进行主机名验证,并且证书不包含192.168.1.6的使用者备用名称。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.