1. 首頁
  2. 問答
  3. 連接使用Apache Commons的HttpClient 3.1投擲ValidatorException

連接使用Apache Commons的HttpClient 3.1投擲ValidatorException

2009-10-26 95 views
2

我試圖連接到使用Apache Commons HttpClient 3.1一個安全的服務器在Java中安全的服務器。
問題是,每次應用程序連接,它拋出一個連接使用Apache Commons的HttpClient 3.1投擲ValidatorException

sun.security.validator.ValidatorException。

這裏是堆棧跟蹤

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException:PKIX路徑驗證 失敗:java.security.cert.CertPathValidatorException:名稱鏈接檢查失敗javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException:PKIX路徑驗證 失敗:java.security.cert.CertPathValidatorException:subject/issuer 名鏈接檢查在com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174) 在com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java失敗 :1611) 在com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:187) 在com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:181 ) at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1035) at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:124) 在com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516) 在com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454) 在COM .sun.net.ssl.interna lsss.SSLSocketImpl.readRecord(SSLSocketImpl.java:884) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1112) at com.sun.net.ssl.internal。 ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:623) at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59) at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java: 65) 在java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123) 在org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:506) 在org.apache.commons.httpclient。 HttpMethodBase.writeRequest(HttpMethodBase.java:2114) 在org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java :1096) 在org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398) 在org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171) 在org.apache.commons .httpClient.HttpClient.executeMethod(HttpClient.java:397) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323) at balanceschecker.connector.Connector.conn(Connector.java:27) 在balanceschecker.connector.Connector.RawPost(Connector.java:99) at balanceschecker.connector.Connector.Post(Connector.java:111) at balanceschecker.login.Login.Login(Login.java:87) at balanceschecker .Main.main(Main.java:21)引起:sun.security.validator.ValidatorExcep重刑:PKIX路徑驗證 失敗:java.security.cert.CertPathValidatorException:主題/發行人 名稱鏈接檢查在sun.security.validator.PKIXValidator.doValidate(PKIXValidator.java:251) 在sun.security.validator失敗 。 PKIXValidator。doValidate(PKIXValidator.java:234) 在sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:158) 在sun.security.validator.Validator.validate(Validator.java:218) 在的com.sun。 net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126) at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209) at com.sun.net。 ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:249) at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1014) ... 21 more引起:java .security.cert.CertPathValidatorException:主題/發行人名稱 鏈接檢查失敗 at sun.secu rity.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:139) 在sun.security.provider.certpath.PKIXCertPathValidator.doValidate(PKIXCertPathValidator.java:326) 在sun.security.provider.certpath.PKIXCertPathValidator.engineValidate( PKIXCertPathValidator.java:178) 在java.security.cert.CertPathValidator.validate(CertPathValidator.java:250) 在sun.security.validator.PKIXValidator.doValidate(PKIXValidator.java:246) ...... 28多個

赫雷什我使用的代碼(編輯和壓縮比特)

 

installAllTrustManager(); 

PostMethod post = new PostMethod(server_path); 
NameValuePair[] data = new NameValuePair { 
    new NameValuePair("Username", username), 
    new NameValuePair("Password", password) 
}; 
     post.setRequestBody(data); 
     post.getParams().setParameter(HttpMethodParams.RETRY_HANDLER, new DefaultHttpMethodRetryHandler(3, false)); 
try { 
      HttpClient hc = new HttpClient(); 
      int result2 = hc.executeMethod(post); 
      if (result2 != HttpStatus.SC_OK) { 
       throw new IOException("HTTP Status Not OK: " + result2); 
      } 
      return post.getResponseBodyAsStream(); 
     } finally { 
      post.releaseConnection(); 
     }

我看了一下該網站的證書,他們仍然有效一年多。 然後我試圖繞過使用「How to bypass trusted host and certificate check in Java」中顯示的代碼的證書檢查,但是仍然拋出異常。

我在做什麼錯?
如何成功連接到服務器?

來源

2009-10-26 Kryten

回答

5

此錯誤表示無法驗證證書鏈。可能的原因有:

  1. 根CA不受JRE的信任。
  2. 證書由中間證書籤名,但服務器不會隨證書一起發送證書。

這是怎麼弄的根證書的列表,

keytool -list -keystore $JAVA_HOME/lib/security/cacerts -v

我不知道任何Java的方法來檢查,如果中間證書被髮送。我使用openssl,

openssl s_client -host example.com -port 443

將顯示所有由服務器發送的證書。注意「證書鏈」。

來源

2009-10-26 13:30:22

相關問題

 相關問題