2016-02-15 64 views
3

我的代碼:進行 OAuth 認證時出現 SSLHandshakeException

// Question snippet: opens a connection to the token endpoint and prepares a form-encoded POST.
// The URL argument is a prose placeholder, so this is not compilable as written.
// NOTE(review): the placeholder says the client id and client secret are part of the URL.
// Values carried in a URL are commonly recorded in server, proxy and application logs; since
// setDoOutput(true) is already called, they can be written to the form-encoded request body instead.
URL url=new URL(https url with client id and clientsecret); 
    HttpURLConnection connect=(HttpURLConnection) url.openConnection(); 
    connect.setRequestMethod("POST"); 
    connect.setRequestProperty("Content-Type","application/x-www-form-urlencoded"); 
    connect.setDoOutput(true); 

執行這段代碼時,我得到:

javax.net.ssl.SSLHandshakeException:無法驗證以下 URL 的 SSL 證書:(我的網址)

如果改用 HttpsURLConnection:

// Second attempt from the question: the same request, with the connection cast to HttpsURLConnection.
// The ClassCastException quoted on this page shows that on App Engine url.openConnection() returned
// com.google.apphosting.utils.security.urlfetch.URLFetchServiceStreamHandler$Connection, which is
// not an HttpsURLConnection, so the cast on the next line fails at runtime.
// NOTE(review): the cast does not affect certificate validation; the handshake failure has to be
// resolved on the certificate side, not by changing the connection type.
URL url=new URL(https url with client id and clientsecret); 
    HttpsURLConnection connect=(HttpsURLConnection) url.openConnection(); 
    connect.setRequestMethod("POST"); 
    connect.setRequestProperty("Content-Type","application/x-www-form-urlencoded"); 
    connect.setDoOutput(true); 

我得到:

java.lang.ClassCastException: com.google.apphosting.utils.security.urlfetch.URLFetchServiceStreamHandler$Connection cannot be cast to javax.net.ssl.HttpsURLConnection

我正在與GAE合作。我需要解決這個問題來獲取訪問令牌。 通過查看舊問題,我沒有得到正確的解決方案。

當我在終端用「curl」嘗試時,我能夠獲得有效的訪問令牌。

# Placeholder command from the question: the OAuth parameters are sent in the POST body (--data).
# NOTE(review): a client secret typed on the command line can end up in shell history and in the
# process list; curl can read the request body from a file instead (--data @file).
curl --data "parameters like client id and client secret and the auth_code" my https url 

這樣我就能得到令牌。


我還嘗試了在 http://stackoverflow.com/questions/2893819/telling-java-to-accept-self-signed-ssl-certificate 找到的一些代碼。 –


這是發生在開發服務器上,還是在已部署的應用程序上也會發生? – Adam


我還沒有把這段代碼加到已部署的應用程序中,目前只在本地檢查過。 –

回答

0

第一個問題實際上是由於您域名上的 SSL 證書無法通過驗證造成的。這可能是因爲證書本身有問題,或者因爲 Google 不認識其信任鏈的根證書。您應該重點檢查您的 SSL 設置。

第二個問題是由於試圖把 java.net.URL.openConnection() 的結果(在 App Engine 運行時中,返回的是 com.google.apphosting.utils.security.urlfetch.URLFetchServiceStreamHandler$Connection 的實例)強制轉換爲 javax.net.ssl.HttpsURLConnection 造成的,而這種轉換無法進行。


嗨 @Nick,我在終端執行下面的命令嘗試獲取證書,結果同樣顯示 SSL 握手錯誤。 `echo -n | openssl s_client -connect <host>:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > ~/<host>.crt` –


[Qualys SSL Labs 提供了一個很棒的工具來分析您的證書](https://www.ssllabs.com/ssltest/)。值得一試。 – Nick


嗨尼克thanx的網址。它非常有用。 –

0

我相信你需要加載密鑰庫。示例如下:

package com.tdi.api.brm.service; 

import java.io.InputStream; 
import java.security.KeyStore; 

import org.apache.http.HttpEntity; 
import org.apache.http.HttpResponse; 
import org.apache.http.client.HttpClient; 
import org.apache.http.client.methods.HttpPost; 
import org.apache.http.conn.scheme.Scheme; 
import org.apache.http.conn.ssl.SSLSocketFactory; 
import org.apache.http.entity.StringEntity; 
import org.apache.http.impl.client.DefaultHttpClient; 
import org.apache.http.message.BasicHttpResponse; 
import org.apache.http.protocol.HTTP; 
import org.apache.log4j.Logger; 

import com.tdi.api.brm.servlet.InitServlet; 
import com.tdi.api.brm.util.TDI_Constants; 
import com.tdi.api.brm.util.TDI_Utility; 
import com.tdi.common.exceptions.TDI_CommonException; 
import com.tdi.common.utility.TDI_CommonConstants; 
import com.tdi.restService.model.tdiapis.ProccessAccountElements; 

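/**
 * Posts an XML payload to the process-account endpoint over HTTPS, using certificates loaded
 * from an environment-specific key store resource as the TLS trust material.
 *
 * <p>NOTE(review): {@code DefaultHttpClient} and {@code org.apache.http.conn.ssl.SSLSocketFactory}
 * are the legacy HttpClient 4.x API; the imports are kept as the file has them.
 */
public class TDI_IGProcessAccountServiceImpl2 extends AbstractBaseService implements TDI_IGProcessAccountService {

    static final Logger LOGGER = Logger.getLogger(TDI_IGProcessAccountServiceImpl2.class);

    /** Creates the service; only logs entry and exit. */
    public TDI_IGProcessAccountServiceImpl2() {
        LOGGER.debug("TDI_IGProcessAccountServiceImpl: Contructor: Entered");

        LOGGER.debug("TDI_IGProcessAccountServiceImpl: Contructor: Leaving");
    }

    /**
     * Sends {@code payload} to the endpoint configured for {@code environment} and parses the reply.
     *
     * @param payload     request body, sent as UTF-8 with the content type from {@code TDI_Constants}
     * @param environment prefix used to build both the endpoint property key and the key store
     *                    resource path
     * @return the parsed service response
     * @throws TDI_CommonException if the connection fails at socket level, the status line reports
     *                             the service as unavailable, or no response is returned
     * @throws Exception           any other failure (key store loading, TLS setup, I/O), rethrown
     *                             after logging
     */
    public ProccessAccountElements processAccount(String payload, String environment) throws Exception {
        LOGGER.debug("TDI_IGProcessAccountServiceImpl: processAccount: Entered");

        ProccessAccountElements serviceResp = new ProccessAccountElements();
        HttpClient httpClient = null;

        try {
            String xmlFilePath = TDI_Constants.XML_TEMPLATE_DIR
                    .concat(TDI_Constants.FORWARD_SLASH)
                    .concat(TDI_Constants.TDI_PROCESS_ACCOUNT_XML);

            // The template content is not used below; the read is kept so that a missing
            // template still fails the call exactly as before.
            TDI_Utility.readFromFile(xmlFilePath);

            StringEntity stringEntity = new StringEntity(payload, HTTP.UTF_8);
            stringEntity.setContentType(TDI_Constants.TEXT_XML);

            // NOTE(review): environment is concatenated into this property key and into the key
            // store path below; presumably it comes from trusted configuration, confirm it is
            // never request-controlled.
            String httpPostUri = InitServlet.getPropertyValue(
                    environment.concat(TDI_Constants.DELIMITER_UNDERSCORE).concat(TDI_Constants.IG_PROCESS_ACCOUNT_URL1));

            HttpPost httpPost = new HttpPost(httpPostUri);
            httpPost.setHeader(TDI_Constants.CONTENT_TYPE, TDI_Constants.CONTENT_TYPE_VALUE);
            httpPost.setEntity(stringEntity);

            // NOTE(review): the key store password is read from a constants class, i.e. it appears
            // to be compiled into the application; consider loading it from protected configuration.
            String keyStorePassword = TDI_Constants.KEY_STORE_PASSWORD;
            String keyStoreFilePath = TDI_Constants.BRM_SHARE
                    .concat(TDI_Constants.FORWARD_SLASH)
                    .concat(environment)
                    .concat(TDI_Constants.DELIMITER_UNDERSCORE)
                    .concat(TDI_Constants.PROCESS_ACCOUNT_CERTIFICATE);

            // Create the KeyStore before opening the stream so a failure here cannot leak the stream.
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());

            InputStream keyStoreInputStream = TDI_Utility.getResourceAsInputStream(keyStoreFilePath);
            if (keyStoreInputStream == null) {
                // Fail with a clear message instead of a NullPointerException in the finally block.
                throw new java.io.FileNotFoundException("Key store resource not found: " + keyStoreFilePath);
            }
            try {
                keyStore.load(keyStoreInputStream, keyStorePassword.toCharArray());
                LOGGER.debug("TDI_IGProcessAccountServiceImpl: processAccount: Try: keyStore: Loaded");
            } finally {
                keyStoreInputStream.close();
                LOGGER.debug("TDI_IGProcessAccountServiceImpl: processAccount: Try: keyStoreInputStream: Closed");
            }

            // The single-argument constructor uses the store as trust material for server certificates.
            SSLSocketFactory socketFactory = new SSLSocketFactory(keyStore);
            // Keep hostname verification on. ALLOW_ALL_HOSTNAME_VERIFIER accepts a trusted
            // certificate issued for any host, which removes the protection against an
            // impersonated endpoint. If this now fails, the certificate's names do not match the
            // endpoint host and the certificate should be reissued.
            socketFactory.setHostnameVerifier(SSLSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);
            LOGGER.debug("TDI_IGProcessAccountServiceImpl: processAccount: Try: HostnameVerifier: Set");

            Scheme scheme = new Scheme(TDI_Constants.HTTPS, socketFactory, TDI_Constants.PORT_443);
            LOGGER.debug("TDI_IGProcessAccountServiceImpl: processAccount: Try: Scheme: Created");

            httpClient = new DefaultHttpClient();

            httpClient.getConnectionManager().getSchemeRegistry().register(scheme);
            LOGGER.debug("TDI_IGProcessAccountServiceImpl: processAccount: Try: HttpClient: Registered");

            // No downcast: execute() is declared to return HttpResponse, and casting to a concrete
            // implementation can fail with ClassCastException.
            HttpResponse httpResponse = httpClient.execute(httpPost);

            if (httpResponse == null) {
                throw new TDI_CommonException(TDI_CommonConstants.ERROR_CODE_932,
                        TDI_Constants.COMMON_XML_RESPONSE_ERROR_NO_RESPONSE);
            }

            // Capture the TDI service-unavailable condition reported in the status line.
            if (httpResponse.getStatusLine().toString().contains(TDI_Constants.WEBSERVICE_UNAVAIALBLE)) {
                LOGGER.debug("TDI_IGProcessAccountServiceImpl: processAccount: URL : " + httpPostUri);
                LOGGER.debug("TDI_IGProcessAccountServiceImpl: processAccount: httpResponse.getStatusLine() " + httpResponse.getStatusLine().toString());
                throw new TDI_CommonException(TDI_Constants.WEBSERVICE_ERROR_CODE_404, TDI_Constants.IG_SERVICE_ERROR_MESSAGE_404);
            }

            HttpEntity httpEntity = httpResponse.getEntity();
            String httpResponsexml = TDI_Utility.getInputStreamAsString(httpEntity.getContent());
            serviceResp = parseResponseXML(httpEntity, httpResponsexml);

            // NOTE(review): this writes the full response body to the debug log; confirm it
            // carries no account data that should stay out of log files.
            LOGGER.debug("TDI_IGProcessAccountServiceImpl: processAccount: Try: Final: HttpResponsexml=[" + httpResponsexml + "]");

            LOGGER.debug("TDI_IGProcessAccountServiceImpl: processAccount: Try: Leaving");
        } catch (java.net.SocketException soe) {
            LOGGER.debug("TDI_IGProcessAccountServiceImpl: processAccount: Catch: Socket Exception Entered");
            // Log the exception itself so the stack trace is not lost when it is translated below.
            LOGGER.debug("TDI_IGProcessAccountServiceImpl: processAccount: Catch: Socket Exception: " + soe.getMessage(), soe);
            LOGGER.debug("TDI_IGProcessAccountServiceImpl: processAccount: Catch: Socket Exception Leaving");
            throw new TDI_CommonException(TDI_Constants.WEBSERVICE_ERROR_CODE_404, TDI_Constants.IG_SERVICE_ERROR_MESSAGE_404);
        } catch (TDI_CommonException e) {
            LOGGER.debug("TDI_IGProcessAccountServiceImpl: processAccount: Catch: TDI_CommonException: Entered");
            // Stack trace goes through the logger rather than printStackTrace().
            LOGGER.error("TDI_IGProcessAccountServiceImpl: processAccount: Catch: TDI_CommonException: " + e, e);
            LOGGER.debug("TDI_IGProcessAccountServiceImpl: processAccount: Catch: TDI_CommonException: Leaving");
            serviceResp.setRespCode(TDI_Constants.WDR_WEBSERVICE_ERROR_CODE);
            serviceResp.setRespDesc(TDI_Constants.WDR_SERVICE_ERROR_MESSAGE);
            throw e;
        } catch (Exception e) {
            LOGGER.debug("TDI_IGProcessAccountServiceImpl: processAccount: Catch: Exception: Entered");
            LOGGER.error("TDI_IGProcessAccountServiceImpl: processAccount: Catch: Exception: " + e, e);
            LOGGER.debug("TDI_IGProcessAccountServiceImpl: processAccount: Catch: Exception: Leaving");
            serviceResp.setRespCode(TDI_Constants.WDR_WEBSERVICE_ERROR_CODE);
            serviceResp.setRespDesc(TDI_Constants.WDR_SERVICE_ERROR_MESSAGE);
            throw e;
        } finally {
            // A new client is created per call; release its connections once the response body
            // has been read into a string above.
            if (httpClient != null) {
                httpClient.getConnectionManager().shutdown();
            }
        }

        LOGGER.debug("TDI_IGProcessAccountServiceImpl: processAccount: Leaving");
        return serviceResp;
    }

}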

請看此示例中的 Scheme 部分:你應該保存證書,並加載 .jks 文件來建立連接。


嗨 JRadcliffe,謝謝你的鏈接,但我已經看過了,沒有找到所需的解決方案。 –


已更新,看看這段程序是否有幫助。如果你可以使用 DefaultHttpClient,缺少的可能就是這個。 – JRadcliffe