我正在從SSL套接字讀取,但主機與證書不匹配(例如,host = "localhost"
)。我期待着這個例外,但下面的代碼愉快地與遠程服務器交談時沒有任何問題。SSLSocket忽略域名不匹配
try (
final Socket socket = SSLSocketFactory.getDefault().createSocket(host, port);
final OutputStream os = socket.getOutputStream();
final InputStream is = socket.getInputStream()) {
os.write(("HEAD/HTTP/1.1\r\nHost: " + host + "\r\nConnection: close\r\n\r\n").getBytes());
os.flush();
final byte[] bytes = new byte[1024];
int n;
while ((n = is.read(bytes)) != -1) {
System.out.print(new String(bytes, 0, n));
}
System.out.println();
} catch (final IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
因此,我已經試過另一種方法:
try {
final HttpURLConnection conn = (HttpURLConnection) new URL("https://" + host + ":" + port + "/").openConnection();
try (InputStream is = conn.getInputStream()) {
IOUtils.copy(is, System.out);
} catch (final IOException e1) {
try (InputStream es = conn.getErrorStream()) {
if (es != null) {
IOUtils.copy(es, System.out);
}
}
}
} catch (final IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
不幸的是我還沒有得到SSL例外,只是WARN在日誌中: 2013-07-31 16:02:27,182 WARN nio - javax.net.ssl.SSLException: Received fatal alert: certificate_unknown
如何獲得SSL異常,如果證書不符合?
感謝您提供詳細信息。 –