问题:在使用 org.apache.http.*下的 CloseableHttpClient 发送https请求时报了以上错误

解决方案一:使用java.net.HttpURLConnection

import java.net.HttpURLConnection;

public static HttpURLConnection connectToWeb(String uri) {
HttpURLConnection connection = null;
try {
URL url = new URL(uri);
connection = (HttpURLConnection) url.openConnection();
connection.setRequestMethod("GET");
connection.connect();
} catch (MalformedURLException ex) {
ex.printStackTrace();
} catch (IOException ex) {
ex.printStackTrace();
}
return connection;
}

解决方案二:在创建SSLConnectionSocketFactory时,添加NoopHostnameVerifier.INSTANCE参数

 public static CloseableHttpClient createSSLClientDefault() {
CloseableHttpClient client = null;
try {
SSLContext sslContext = null;
sslContext = new SSLContextBuilder().loadTrustMaterial(null, new TrustStrategy() {
@Override
public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException {
return true;
}
}).build();
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext, NoopHostnameVerifier.INSTANCE);//这里的红色部分
client = HttpClients.custom().setSSLSocketFactory(sslsf).build();
} catch (NoSuchAlgorithmException | KeyStoreException | KeyManagementException e) {
e.printStackTrace();
}
return client;
}

原理扩展:

在org.apache.http.conn.ssl.SSLConnectionSocketFactory.verifyHostname方法中有如下代码:

而NoopHostnameVerifier源代码如下;verify方法直接返回true

/**
* The NO_OP HostnameVerifier essentially turns hostname verification
* off. This implementation is a no-op, and never throws the SSLException.
* 关闭主机名验证,直接返回true
* @since 4.4
*/
@Contract(threading = ThreadingBehavior.IMMUTABLE)
public class NoopHostnameVerifier implements HostnameVerifier { public static final NoopHostnameVerifier INSTANCE = new NoopHostnameVerifier(); @Override
public boolean verify(final String s, final SSLSession sslSession) {
return true;
} @Override
public final String toString() {
return "NO_OP";
} }

javax.net.ssl.SSLException: Certificate doesn't match any of the subject alternative names的更多相关文章

  1. 用HttpClient发送HTTPS请求报SSLException: Certificate for <域名> doesn't match any of the subject alternative names问题的解决

    最近用server酱-PushBear做消息自动推送,用apache HttpClient做https的get请求,但是代码上到服务器端就报javax.net.ssl.SSLException: Ce ...

  2. Aandroid 解决apk打包过程中出现的“Certificate for <jcenter.bintray.com> doesn't match any of the subject alternative names: [*.aktana.com, aktana.com]”的问题

    有时候,apk打包过程中会出现“Certificate for <jcenter.bintray.com> doesn't match any of the subject alterna ...

  3. 使用HttpClient携带证书报错_Certificate for <IP> doesn't match any of the subject alternative names:[域名]

    使用HttpClient携带pfx证书通过Https协议发送SOUP报文调用WebService接口时报如下错误: Exception in thread "main" javax ...

  4. 自签证书 doesn't match any of the subject alternative names

    出现这个的原因是https中的域名或者IP,与证书中登记的不一致. 如果是自签证书的话,可以根据具体需要重新生成证书. 还有一种解决方案是在java中跳过这个检查. 绕过检查分两类,一个是绕过证书在C ...

  5. javax.net.ssl.SSLException: java.lang.UnsupportedOperationException

    Loading KeyStore C:\Tool\jdk1.7.0_71\jre\lib\security\jssecacerts... Opening connection to www.googl ...

  6. presto——java.sql.SQLException: Error executing query与javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?异常问题

    使用presto的时候以mysql为presto的数据源 安装的presto是0.95版本:使用的presto-jdbc是0.202的,这里使用jdbc去访问时候,connection可以链接成功,但 ...

  7. 微信证书 javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty

    这几天在做微信退款接口,按照api写完之后,在本地测试了下没有问题,于是交给测试让他们在测试环境开测.他们说退款没有成功,感觉去查日志,发现后台报了 javax.net.ssl.SSLExceptio ...

  8. SO2O連接報錯javax.net.ssl.SSLException: Received fatal alert: protocol_version)

    原文:https://blog.csdn.net/gudejundd/article/details/89640741 1.什么是TLSSSL 是“Secure Sockets Layer”的缩写,中 ...

  9. JAVA连接MySQ报错:Caused by: javax.net.ssl.SSLException: Received fatal alert: protocol_version

    Caused by: javax.net.ssl.SSLException: Received fatal alert: protocol_version at sun.security.ssl.Al ...

随机推荐

  1. 这10个Python项目超有趣!

    前言: Python可谓是现在很多人正在学或者想学的一个脚本语言了,提到学习自然就少不了拿项目练手,可是一般的项目根本提不起兴趣嘛,这10个项目可是非常有趣的,不信你看看. [Python 图片转字符 ...

  2. JAVA微信公众号网页开发 —— 接收微信服务器发送的消息

    WeixinMessage.java package com.test; import java.io.Serializable; /** * This is an object that conta ...

  3. date_default_timezone_set()问题解决方案(PHP5.3以上的)

      date() [<a href='function.date'>function.date</a>]: It is not safe to rely on the syst ...

  4. js前端使用jOrgChart插件实现组织架构图的展示

    项目要做组织架构图,要把它做成自上而下的树形结构. 需要购买阿里云产品的,可以点击此链接购买,有红包优惠哦: https://promotion.aliyun.com/ntms/yunparter/i ...

  5. Scrapy框架的学习(6.item介绍以及items的使用(提前定义好字段名))转载https://blog.csdn.net/wei18791957243/article/details/86259688

      在Scrapy框架中的items.py的作用   1.可以预先定义好要爬取的字段     items.py import scrapy     class TencentItem(scrapy.I ...

  6. [macOS] Error: /usr/local must be writable!" (Sierra 10.12 )

    Error: /usr/local must be writable!" (Sierra 10.12 ) solution: sudo chown -R $(whoami) /usr/loc ...

  7. SLF4J bindings

    see: https://www.slf4j.org/manual.html

  8. Mysql数据库优化之SQL及索引优化

    1. 如何发现有问题的SQL?  使用mysql慢查询日志对有效率问题的Sql进行监视 (1) show  variables like 'slow_query_log';     查看慢查询日志是否 ...

  9. 隐藏非选中的checkBox

    //隐藏非选中的checkBox function onlyCheckBox(){ $("#dtlTable tr:gt(0)").each(function(i) { var c ...

  10. spring jar包依赖