[英]java.security.cert.CertificateException: No subject alternative names present;
我使用的是WSO2 API Manager 1.9.1版。 在这个工具中,我发布了我的示例项目(即proxied )并订阅该项目以获取消费者密钥和秘密。 这个工具也给了我CURL命令,它工作正常。
下面的CURL命令运行正常。
curl -k -d "grant_type=password&username=XXXXX&password=XXXXX" -H "Authorization: Basic XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX, Content-Type: application/x-www-form-urlencoded" https://XXXXXXXXXXX:XXXX/token
现在我正在尝试使用RestTemplate开发java代码,它将连接到SSL protected site而无需cert verification即查看上面的CURL命令的insecure方式。 到目前为止,我开发了以下代码,但是当我运行时,我看到以下错误。
public static void main(String[] args) {
HttpHeaders headers = new HttpHeaders();
headers.add("Accept", "application/json");
headers.add("Content-Type", MediaType.APPLICATION_FORM_URLENCODED.toString());
headers.add("Authorization", "Basic XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX");
String url = "https://XXXXXXXXXXXXXX:XXXX/token";
String data = "grant_type=password&username=XXXXX&password=XXXXX";
RestTemplate restTemplate = new RestTemplate();
HttpEntity<String> entity = new HttpEntity<String>(data,headers);
HttpEntity<String> response = restTemplate.exchange(url, HttpMethod.POST, entity, String.class);
System.out.println("RESPONSE : "+response.getBody());
}
我面临的错误。 请建议我们如何连接到SSL站点不安全的方式,同样的curl命令呢?
Exception in thread "main" org.springframework.web.client.ResourceAccessException: I/O error on POST request for "https://XXXXXXXXXXX:8243/token":java.security.cert.CertificateException: No subject alternative names present; nested exception is javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names present
at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:580)
at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:530)
at org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:448)
at com.java.wso2.TokenDemo.main(TokenDemo.java:74)
Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names present
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1937)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1478)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:212)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:914)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1050)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1363)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1391)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1375)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:153)
at org.springframework.http.client.SimpleBufferingClientHttpRequest.executeInternal(SimpleBufferingClientHttpRequest.java:81)
at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48)
at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:53)
at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:569)
... 3 more
我们如何解决这个错误? 偏离我的问题与javax.net.ssl.SSLHandshakeException不同:java.security.cert.CertificateException:没有主题替代名称
通过应用以下代码可以解决以下问题,这些代码以不安全的方式连接到受SSL保护的站点。 (注意:要使用cert enable连接到SSL站点,您需要添加tomcat SSL配置)。
以下代码工作正常。
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.http.MediaType;
import org.springframework.web.client.RestTemplate;
static {
disableSslVerification();
}
private static void disableSslVerification() {
try{
// Create a trust manager that does not validate certificate chains
TrustManager[] trustAllCerts = new TrustManager[] {new X509TrustManager() {
public X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkClientTrusted(X509Certificate[] certs, String authType) {
}
public void checkServerTrusted(X509Certificate[] certs, String authType) {
}
}
};
// Install the all-trusting trust manager
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
// Create all-trusting host name verifier
HostnameVerifier allHostsValid = new HostnameVerifier() {
public boolean verify(String hostname, SSLSession session) {
return true;
}
};
// Install the all-trusting host verifier
HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid);
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (KeyManagementException e) {
e.printStackTrace();
}
}
public static void main(String[] args) {
HttpHeaders headers = new HttpHeaders();
headers.add("Accept", "application/json");
headers.add("Content-Type", MediaType.APPLICATION_FORM_URLENCODED.toString());
headers.add("Authorization", "Basic XXXXXXXXXXXXXXXXXXXXXXXXXXXX");
String url = "https://XXXXXXXXXXXXX:XXXX/token";
String dataJSON = "grant_type=password&username=XXXXX&password=XXXXX";
RestTemplate restTemplate = new RestTemplate();
HttpEntity<String> entity = new HttpEntity<String>(dataJSON,headers);
HttpEntity<String> response = restTemplate.exchange(url, HttpMethod.POST, entity, String.class);
System.out.println("O/P : "+response.getBody());
}
Kafka Java 消费者 SSL 握手错误:java.security.cert.CertificateException:不存在主题替代名称
[英]Kafka java consumer SSL handshake Error : java.security.cert.CertificateException: No subject alternative names present
来自https的wsimport:[错误] java.security.cert.CertificateException:不存在使用者替代名称
[英]wsimport from https: [ERROR] java.security.cert.CertificateException: No subject alternative names present
如何修复“java.security.cert.CertificateException:没有主题替代名称存在”错误?
[英]How to fix the “java.security.cert.CertificateException: No subject alternative names present” error?
java.security.cert.CertificateException:没有主题替代 DNS 名称匹配
[英]java.security.cert.CertificateException: No subject alternative DNS name matching
java.security.cert.CertificateException:没有与IP地址匹配的使用者替代名称
[英]java.security.cert.CertificateException: No subject alternative names matching IP address
javax.net.ssl.SSLHandshakeException:java.security.cert.CertificateException:没有与 ZA12A3079E14CED46E69BA52B8A90B21 匹配的主题备用名称
[英]javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names matching IP address
java.security.cert.CertificateException:找不到与IP地址xxxx匹配的使用者替代名称
[英]java.security.cert.CertificateException: No subject alternative names matching IP address x.x.x.x found
URL.getInputStream()导致java.security.cert.CertificateException:没有主题备用DNS名称
[英]URL.getInputStream() causes java.security.cert.CertificateException: No subject alternative DNS name
java.security.cert.CertificateException:无法初始化
[英]java.security.cert.CertificateException: Unable to initialize
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.