stackoom
  简体   繁体   中英

javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated in netbeans

 原文  2017-05-08 12:25:14       java/ ssl/ netbeans/ apache-httpclient-4.x

Question

I am using HttpClient-4.0.3 and already added certificate on server. The command is as below : 

keytool -import -file "C:\Users\apex\Downloads\RootCABangladesh2016.cer" -keystore "C:\Program Files\Java\jdk1.8.0_131\jre\lib\security\cacerts" -alias "sds certificate"

But still I am getting below error.

I have read existing issue saying to add TrustManager (X509TrustManager) but as per my thinking this is not solution.

The exception is as follows : 

javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
at sun.security.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:431)
    at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)   
    at org.apache.http.conn.ssl.SSLSocketFactory.createSocket(SSLSocketFactory.java:399)
    at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:143)
    at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:149)
    at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:108)
    at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:415)
    at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:641)
    at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:576)
    at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:554)
    at jsonParser.JSONParser.makeHttpRequest(JSONParser.java:54)
    at powersms.SendSms.sendSms(SendSms.java:44)
    at powersms.SendSms.run(SendSms.java:32)

I have tried this solution . But this is not working for me .

I have checked the expire date by this command. 

keytool -list -v -alias "sds certificate" -keystore "C:\Program Files\Java\jdk1.8.0_131\jre\lib\security\cacerts" -storepass "changeit" | grep "Valid from:"

But this shows me : 

Valid from: Wed Dec 21 16:43:56 BDT 2016 until: Mon Dec 21 16:43:56 BDT 2026

I have added jvm parameters . 

-Djavax.net.debug=ssl:handshake

Then I go this output : 

javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
    at sun.security.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:431)
    at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)
    at org.apache.http.conn.ssl.SSLSocketFactory.createSocket(SSLSocketFactory.java:399)
    at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:143)
    at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:149)
    at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:108)
    at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:415)
    at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:641)
    at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:576)
    at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:554)
    at jsonParser.JSONParser.makeHttpRequest(JSONParser.java:54)
    at powersms.SendSms.sendSms(SendSms.java:44)
    at powersms.SendSms.run(SendSms.java:32)
%% Invalidated:  [Session-1, TLS_RSA_WITH_AES_128_CBC_SHA]
Thread-0, SEND TLSv1 ALERT:  fatal, description = certificate_unknown
Thread-0, WRITE: TLSv1 Alert, length = 2
Thread-0, called closeSocket()
Thread-0, handling exception: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Thread-0, IOException in getSession():  javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Buffer Error  Error converting result java.lang.NullPointerException
JSON ParserError parsing data org.json.JSONException: A JSONObject text must begin with '{' at character 0
Json is null

1 answers

solution1
 1 ACCPTED  2017-05-10 18:14:07

This has been an issue with HttpClient for a while when you try to connect to a secured(ie https) URL. There's this class EasySSLProtocolSocketFactory in HttpClient though, which lets you create sockets that accept self-signed certificates. You can try using that as described in the documentation- EasySSLProtocolSocketFactory

Not sure if it will solve your problem or not, and it's not very much encouraged to use in production. But you can definitely give it a try to see how it comes up!

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Apache HttpClient Error: javax.net.ssl.SSLPeerUnverifiedException: Peer Not Authenticated Java 8 javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated, but not Java 7 javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated in Tomcat with Apache HttpClient JDK 11. javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated Java - javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated Exception : javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated only on production server How to solve javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated Exception in Rally Rest api using java? javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated in jdk7 but not in jdk8 javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated after upgrading Spring Boot from 2.1.0 to 2.2.0.M3
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM