尝试使用HTTPclient接受SSL证书时,为什么会收到连接重置?
[英]Why do I receive a connection reset when I tried to accept my SSL certificate using HTTPclient?
问题描述
I tried to accept my certificate to test my REST api. 
我试图接受我的证书来测试我的REST API。 For that, I tried : 为此,我尝试了:
SSLContext sslcontext = SSLContexts
.custom()
.loadTrustMaterial(new File(KEYSTORE_PATH), KEYSTORE_PASSWORD,
new TrustSelfSignedStrategy()).build();
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(
sslcontext, new String[] { "TLSv1" }, null,
SSLConnectionSocketFactory.getDefaultHostnameVerifier());
CloseableHttpClient closeableHttpClient = HttpClients.custom()
.setSSLSocketFactory(sslsf)
.setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE).build();
try {
HttpPost postRequest = new HttpPost(BASE_URL);
CloseableHttpResponse response = closeableHttpClient
.execute(postRequest);
// try {
HttpEntity entity = response.getEntity();
EntityUtils.consume(entity);
// } finally {
// response.close();
// }
} finally {
closeableHttpClient.close();
}
The error happen when I do closeableHttpClient.execute(postRequest); 当我执行closeableHttpClient.execute(postRequest);时发生错误closeableHttpClient.execute(postRequest);
Variables are : 变量是:
private static final String KEYSTORE_PATH = System.getProperty("java.home")
+ "/lib/security/cacerts".replace('/', File.separatorChar);
private static final char[] KEYSTORE_PASSWORD = "changeit".toCharArray();
private static final String BASE_URL = "http://localhost:9010/api";
note : I do not have a domain name, i'm on localhost. 注意:我没有域名,我在localhost上。 If I understood the error well it's my SSLConnectionSocketFactory closed too early. 如果我很好地理解了错误,那是我的SSLConnectionSocketFactory关闭得太早了。 But I don't know how and why. 但是我不知道如何以及为什么。
EDIT : I'm using HTTPClient. 编辑:我正在使用HTTPClient。 If I update the port HTTP to HTTPS, I receive another error : javax.net.ssl.SSLPeerUnverifiedException: Host name 'localhost' does not match the certificate subject provided by the peer 如果将端口HTTP更新为HTTPS, javax.net.ssl.SSLPeerUnverifiedException: Host name 'localhost' does not match the certificate subject provided by the peer收到另一个错误: javax.net.ssl.SSLPeerUnverifiedException: Host name 'localhost' does not match the certificate subject provided by the peer
1 个解决方案
解决方案1
0 已采纳 2016-12-12 13:18:03
I found the solution here : javax.net.ssl.SSLPeerUnverifiedException: Host name does not match the certificate subject provided by the peer My code is now : 我在这里找到解决方案: javax.net.ssl.SSLPeerUnverifiedException:主机名与对等方提供的证书主题不匹配我的代码现在是:
SSLContext sslcontext = SSLContexts
.custom()
.loadTrustMaterial(new File(KEYSTORE_PATH), KEYSTORE_PASSWORD,
new TrustSelfSignedStrategy()).build();
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(
sslcontext, NoopHostnameVerifier.INSTANCE);
final Registry<ConnectionSocketFactory> registry = RegistryBuilder
.<ConnectionSocketFactory> create()
.register("http", new PlainConnectionSocketFactory())
.register("https", sslsf).build();
final PoolingHttpClientConnectionManager cm = new PoolingHttpClientConnectionManager(
registry);
cm.setMaxTotal(100);
It's working but I'm still working on it (understand and find if I can do something else/better)! 它正在工作,但我仍在努力(了解并确定我是否可以做其他事情/更好)! Thanks 谢谢
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.