1. 首頁
  2. 問答
  3. javax.net.ssl.SSLPeerUnverifiedException:在JDK7同行未通過身份驗證,但不是在jdk8

javax.net.ssl.SSLPeerUnverifiedException:在JDK7同行未通過身份驗證,但不是在jdk8

2017-03-31 44 views
0 
HttpClient =new DefaultHttpClient(); 
HttpPost post = new HttpPost("https://myulr/token"); 
post.addHeader("Content-Type", "application/x-www-form-urlencoded"); 
List<BasicNameValuePair> parametersBody = new ArrayList<BasicNameValuePair>(); 
parametersBody.add(new BasicNameValuePair("client_id","my-client-id")); 
parametersBody.add(new BasicNameValuePair("client_secret","my-secret-key")); 
parametersBody.add(new BasicNameValuePair("scope","my-scope")); 
parametersBody.add(new BasicNameValuePair("grant_type","client_credentials")); 
try{ 
    post.setEntity(new UrlEncodedFormEntity(parametersBody)); 
    HttpResponse httpResponse = httpClient.execute(post); 
    int code = httpResponse.getStatusLine().getStatusCode(); 
    System.out.println("Code::::: "+code); 
    String result=EntityUtils.toString(httpResponse.getEntity()); 
    System.out.println("Result: "+result); 
}catch(Exception e){ 
    e.printStackTrace(); 
}

這段代碼在JDK8被正確執行,但如果我嘗試在JDK7來執行它,它是扔javax.net.ssl.SSLPeerUnverifiedException :未經過身份驗證的異常。我試圖谷歌的問題。我發現我們可以編寫X509TrustManager和X509HostnameVerifier。我也嘗試過這些實現,但仍然沒有工作。請建議我如何在JDK7中執行它。 再次,如果我執行與X509TrustManager和X509HostnameVerifier的代碼,我得到「java.net.SocketException異常:連接復位」javax.net.ssl.SSLPeerUnverifiedException:在JDK7同行未通過身份驗證,但不是在jdk8

來源

2017-03-31 Roshan

回答

0

我剛剛研究了這一點,我想補充這一點 - 支持TLS 1.2第一次出現在JDK 7 。出於兼容性原因,它在服務器套接字上默認啓用,但在客戶端上禁用。 要改變它,我寫了下面的代碼,它爲我工作:

HttpClient base = new DefaultHttpClient(); 
SSLContext ctx = SSLContext.getInstance("TLSv1.2"); 
X509TrustManager tm = new X509TrustManager() { 
    public void checkClientTrusted(X509Certificate[] xcs, String string) throws CertificateException { 
    } 
    public void checkServerTrusted(X509Certificate[] xcs, String string) throws CertificateException { 
    } 
    public X509Certificate[] getAcceptedIssuers() { 
     return null; 
    } 
}; 
X509HostnameVerifier verifier = new X509HostnameVerifier() { 
    @Override 
    public void verify(String string, X509Certificate xc) throws SSLException { 
    } 
    @Override 
    public void verify(String string, String[] strings, String[] strings1) throws SSLException { 
    } 
    @Override 
    public boolean verify(String string, SSLSession ssls) { 
     return true; 
    } 
    @Override 
    public void verify(String arg0, SSLSocket arg1) throws IOException { 
    } 
}; 
ctx.init(null, new TrustManager[]{tm}, null); 
SSLSocketFactory ssf = new 
SSLSocketFactory(ctx,SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); 
ssf.setHostnameVerifier(verifier); 
ClientConnectionManager ccm = base.getConnectionManager(); 
SchemeRegistry sr = ccm.getSchemeRegistry(); 
sr.register(new Scheme("https", ssf, 443)); 
httpClient = new DefaultHttpClient(ccm, base.getParams());

來源

2017-04-04 20:14:07 Roshan

相關問題

 相關問題