无法使用java连接到HTTPS URL
我想用java读取安全URL(HTTPS)。 我正在尝试以下方面。 它给了我
public static void main(String[] arg) { try { URL url = new URL("http://www.google.com"); System.out.println("Connecting to www.google.com"); URLConnection ucon = url.openConnection(); System.out.println("Connectied to www.google.com"); System.out.println("Retrieving contents from www.google.com"); String htmlContents = getResponseData(ucon); System.out.println("Retrieved contents from Yahoo! as follows"); System.out.println(htmlContents); } catch (Exception e) { e.printStackTrace(); } } 这给了我以下输出。
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1584) at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:174) at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:168) at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:848) at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:106) at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:495) at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:433) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:877) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1089) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1116) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1100) at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:402) at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166) at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:960) at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234) at ReadHtml.getResponseData(ReadHtml.java:24) at ReadHtml.main(ReadHtml.java:13) Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:221) at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:145) at sun.security.validator.Validator.validate(Validator.java:203) at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:172) at com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(SSLContextImpl.java:320) at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:841) ... 13 more Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:236) at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:194) at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:216) ... 18 more
请给我建议什么可以解决错误。 注意:我无法获得证书。 所以请不要给出答案,因为获得安全证书。
任何forms的指导将不胜感激。 谢谢
试试这段代码:
public static void main(String[] arg) throws Exception { String url = "https://google.com"; SSLContext ctx = SSLContext.getInstance("TLS"); ctx.init(null, new TrustManager[] { new TrustManager() }, null); SSLContext.setDefault(ctx); HttpsURLConnection conn = (HttpsURLConnection) new URL(url).openConnection(); conn.setHostnameVerifier(new HostVerifier()); conn.setRequestMethod("GET"); conn.connect(); System.out.println("Response: " + conn.getResponseCode()); } private static class HostVerifier implements HostnameVerifier { @Override public boolean verify(String paramString, SSLSession paramSSLSession) { return true; } } private static class TrustManager implements X509TrustManager { @Override public X509Certificate[] getAcceptedIssuers() { return null; } @Override public void checkServerTrusted(X509Certificate[] paramArrayOfX509Certificate, String paramString) throws CertificateException { } @Override public void checkClientTrusted(X509Certificate[] paramArrayOfX509Certificate, String paramString) throws CertificateException { } }
似乎问题是您在信任库中没有该证书,如果您无法在信任库中添加它,请查看此页面 。
通过配置HostenameVerifier和DefaultSSLSocketFactory,可以为正在运行的进程关闭validation
见http://www.nakov.com/blog/2009/07/16/disable-certificate-validation-in-java-ssl-connections/
请注意,您可能会通过这种方法引入安全风险!