I am using HttpURLConnection to do POST requests.
I read HttpsURLConnection extends HttpURLConnection with support for https-specific features such as SSL
If HttpsURLConnection use same methods in HttpURLConnection(parent class), it super calls the methods from HttpURLConnection.
URL url = new URL(callBackUrl);
HttpURLConnection connection = (HttpURLConnection) url.openConnection();
connection.setDoInput(true);
connection.setDoOutput(true);
connection.setConnectTimeout(setConnectTimeout);
connection.setReadTimeout(setConnectTimeout);
connection.setRequestMethod("POST");
connection.setRequestProperty("Content-Type", "application/json; charset=UTF-8");
OutputStreamWriter os = new OutputStreamWriter(connection.getOutputStream());
os.write(data.toString());
os.flush();
os.close();
if (connection.getResponseCode() == HttpURLConnection.HTTP_OK) {
BufferedReader br = new BufferedReader(new InputStreamReader((connection.getInputStream())));
while ((output = br.readLine()) != null) {
stringBuffer.append(output);
}
}
However, when I use a HTTPS Url, I keep getting the error below;
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: validity check failed
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) ~[na:1.8.0_181]
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1964) ~[na:1.8.0_181]
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:328) ~[na:1.8.0_181]
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:322) ~[na:1.8.0_181]
Question, how do I handle both SSL and non SSL connection as is the case in PHP where when using CURL, you set ignore SSL check
curl_setopt($cHandler, CURLOPT_SSL_VERIFYHOST, false); curl_setopt($cHandler, CURLOPT_SSL_VERIFYPEER, true);
I am on Linux, Spring framework and TomCat Web Server.
Anyone?
For the HTTPS
things to work first, you would need to add your SSL Certificate into your Java's trust store... For that, you'll have to follow the following steps:
Generally your truststore file of the used JVM would be located at %JAVA_HOME%\\lib\\security\\cacerts
.
You might first take a look if your certificate is already added to the truststore by running the following command:
keytool -list -keystore "%JAVA_HOME%/jre/lib/security/cacerts"
Once you confirm that it is not added to your Java trust store, you can use the following command to add it:
keytool -import -noprompt -trustcacerts -alias <AliasName> -file <certificate> -keystore <KeystoreFile> -storepass <Password>
Once the following steps are done, you should be able to run your program without running into your HTTPS related issues.
Hope that helps!
EDIT-1 : The above method helps adding an SSL Certificate on a Windows environment. Please check the following article for a Linux variant...
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.