首页 文章

apache httpclient 4.4的HTTP连接

提问于
浏览
1

我想要做的是从本地https服务器上获取和发布内容 . 当我使用浏览器访问此URL时,我需要手动接受并继续 . 我几乎使用apache提供的这个sample code . 我的编辑就是这样

public class ClientCustomSSL {

   public final static void main(String[] args) throws Exception {
      // Trust own CA and all self-signed certs
      final SSLContext sslcontext = SSLContext.getDefault();
      // Allow TLSv1 protocol only
      final SSLConnectionSocketFactory sslsf =
            new SSLConnectionSocketFactory(sslcontext,
                  new String[] { "TLSv1" }, null,
                  SSLConnectionSocketFactory.getDefaultHostnameVerifier());
      final CloseableHttpClient httpclient =
            HttpClients.custom().setSSLSocketFactory(sslsf).build();
      try {

         final HttpGet httpget =
               new HttpGet("https://localhost:8443/portal/css/style.css");

         System.out.println("executing request " + httpget.getRequestLine());

         final CloseableHttpResponse response = httpclient.execute(httpget);
         try {
            final HttpEntity entity = response.getEntity();

            System.out.println("----------------------------------------");
            System.out.println(response.getStatusLine());
            EntityUtils.consume(entity);
         } finally {
            response.close();
         }
      } finally {
         httpclient.close();
      }
   }

}

但是,我得到了以下异常......

Exception in thread "main" javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
   at sun.security.ssl.Alerts.getSSLException(Unknown Source)
   at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
   at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
   at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
   at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)
   at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
   at sun.security.ssl.Handshaker.processLoop(Unknown Source)
   at sun.security.ssl.Handshaker.process_record(Unknown Source)
   at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
   at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
   at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
   at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
   at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:395)
   at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:354)
   at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:134)
   at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:353)
   at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:380)
   at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)
   at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:184)
   at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:88)
   at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
   at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:184)
   at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
   at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:107)
   at com.vmware.vdi.installer.broker.ClientCustomSSL.main(ClientCustomSSL.java:67)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
   at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
   at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
   at sun.security.validator.Validator.validate(Unknown Source)
   at sun.security.ssl.X509TrustManagerImpl.validate(Unknown Source)
   at sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source)
   at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
   ... 21 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
   at sun.security.provider.certpath.SunCertPathBuilder.build(Unknown Source)
   at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
   at java.security.cert.CertPathBuilder.build(Unknown Source)
   ... 27 more

不知道我需要做什么....

java apache apache-httpclient-4.x

1 回答

  • 1

    this page中有一个关于这个主题的解决方案 .

    其中一个解决方案是更新JRE_HOME / lib目录中的CACERT文件 . 为此,您可以查看here .

    另一个解决方案是覆盖检查并接受不受信任的证书 .

    TrustManager[] trustAllCerts = new TrustManager[] {
       new X509TrustManager() {
          public java.security.cert.X509Certificate[] getAcceptedIssuers() {
            return null;
          }

          public void checkClientTrusted(X509Certificate[] certs, String authType) {  }

          public void checkServerTrusted(X509Certificate[] certs, String authType) {  }

       }
    };
    回复于

相关问题