[英]Certificate handling: Difference between apache httpclient 4.0.1 and 4.1.2?
I try to connect to a server that uses certificates. 我尝试连接到使用证书的服务器。 I call this code before connecting to make sure that all certificates are accepted. 我在连接之前调用此代码以确保接受所有证书。 This works well using apache httpclient 4.0.1. 使用apache httpclient 4.0.1可以很好地工作。 But recently I updated to 4.1.2 and now I get the following error. 但最近我更新到4.1.2现在我收到以下错误。
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
public class CertificateAcceptor {
public void initializeTrustManager() {
try {
SSLContext context = SSLContext.getInstance("SSL");
context.init(null, trustAllCerts, new SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory());
System.out.println("Certificate");
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (KeyManagementException e) {
e.printStackTrace();
}
}
TrustManager[] trustAllCerts = new TrustManager[] {
new X509TrustManager() {
public X509Certificate[] getAcceptedIssuers() {
return null;
}
@Override
public void checkClientTrusted(X509Certificate[] chain,
String authType) throws CertificateException {
// TODO Auto-generated method stub
}
@Override
public void checkServerTrusted(X509Certificate[] chain,
String authType) throws CertificateException {
// TODO Auto-generated method stub
}
}
};
}
Nevertheless I always get this error message: 不过我总是得到这个错误信息:
javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
at com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificates(Unknown Source)
at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)
at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:397)
at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:148)
at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:149)
at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:121)
at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:573)
at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:425)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:820)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:754)..
...
What could be the reason for that? 可能是什么原因?
Apache HttpClient prior to version 4.1 used to pick up default SSL settings from javax.net.ssl.HttpsURLConnection
by mistake. 版本4.1之前的Apache HttpClient用于从javax.net.ssl.HttpsURLConnection
错误地获取默认SSL设置。 This is no longer the case as of version 4.1. 从版本4.1开始不再是这种情况。
Please use HttpClient native API to configure SSL context for HTTPS connections. 请使用HttpClient本机API为HTTPS连接配置SSL上下文。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.