2014-11-03 80 views
0

使用HostnameVerifier這樣的:無法驗證主機名個體

private final HostnameVerifier myVerifier = new HostnameVerifier(){ 
    public boolean verify(String hostname, SSLSession session) { 
     return true; 
    } 
} 

與此代碼的偉大工程:

HttpsURLConnection.setDefaultHostnameVerifier(myVerifier); 
URL u = new URL("https://foobar.de/"); 
u.openStream(); // <!-- GOOD 

但是這個代碼不工作:

URL u = new URL("https://foobar.de/"); 
final HttpsURLConnection openConnection = (HttpsURLConnection) u.openConnection(); 
openConnection.setHostnameVerifier(myVerifier); 
u.openStream();// <!--EXCEPTION 

這是例外情況:

Exception in thread "main" javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative DNS name matching rossmann.de found. 
    at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) 
    at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1884) 
    at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276) 
    at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270) 
    at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1341) 
    at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:153) 
    at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868) 
    at sun.security.ssl.Handshaker.process_record(Handshaker.java:804) 
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016) 
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312) 
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339) 
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323) 
    at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563) 
    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) 
    at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1300) 
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254) 
    at java.net.URL.openStream(URL.java:1037) 
    at Test.main(Test.java:21) 
Caused by: java.security.cert.CertificateException: No subject alternative DNS name matching rossmann.de found. 
    at sun.security.util.HostnameChecker.matchDNS(HostnameChecker.java:191) 
    at sun.security.util.HostnameChecker.match(HostnameChecker.java:93) 
    at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:347) 
    at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:203) 
    at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126) 
    at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1323) 
    ... 13 more 

爲什麼?

回答

0

嗯,我需要使用相同的連接。

openConnection.getInputStream()