证书处理:apache httpclient 4.0.1和4.1.2之间的区别?
[英]Certificate handling: Difference between apache httpclient 4.0.1 and 4.1.2?
问题描述
I try to connect to a server that uses certificates. 
我尝试连接到使用证书的服务器。 I call this code before connecting to make sure that all certificates are accepted. 我在连接之前调用此代码以确保接受所有证书。 This works well using apache httpclient 4.0.1. 使用apache httpclient 4.0.1可以很好地工作。 But recently I updated to 4.1.2 and now I get the following error. 但最近我更新到4.1.2现在我收到以下错误。
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
public class CertificateAcceptor {
public void initializeTrustManager() {
try {
SSLContext context = SSLContext.getInstance("SSL");
context.init(null, trustAllCerts, new SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory());
System.out.println("Certificate");
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (KeyManagementException e) {
e.printStackTrace();
}
}
TrustManager[] trustAllCerts = new TrustManager[] {
new X509TrustManager() {
public X509Certificate[] getAcceptedIssuers() {
return null;
}
@Override
public void checkClientTrusted(X509Certificate[] chain,
String authType) throws CertificateException {
// TODO Auto-generated method stub
}
@Override
public void checkServerTrusted(X509Certificate[] chain,
String authType) throws CertificateException {
// TODO Auto-generated method stub
}
}
};
}
Nevertheless I always get this error message: 不过我总是得到这个错误信息:
javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
at com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificates(Unknown Source)
at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)
at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:397)
at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:148)
at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:149)
at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:121)
at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:573)
at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:425)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:820)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:754)..
...
What could be the reason for that? 可能是什么原因?
1 个解决方案
解决方案1
2 2011-12-13 15:48:27
Apache HttpClient prior to version 4.1 used to pick up default SSL settings from javax.net.ssl.HttpsURLConnection by mistake. 版本4.1之前的Apache HttpClient用于从javax.net.ssl.HttpsURLConnection错误地获取默认SSL设置。 This is no longer the case as of version 4.1. 从版本4.1开始不再是这种情况。
Please use HttpClient native API to configure SSL context for HTTPS connections. 请使用HttpClient本机API为HTTPS连接配置SSL上下文。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.