问题:在使用 org.apache.http.*下的 CloseableHttpClient 发送https请求时报了以上错误

解决方案一:使用java.net.HttpURLConnection

import java.net.HttpURLConnection;

public static HttpURLConnection connectToWeb(String uri) {

    HttpURLConnection connection = null;

    try {

        URL url = new URL(uri);

        connection = (HttpURLConnection) url.openConnection();

        connection.setRequestMethod("GET");

        connection.connect();

    } catch (MalformedURLException ex) {

        ex.printStackTrace();

    } catch (IOException ex) {

        ex.printStackTrace();

    }

    return connection;

}

解决方案二:在创建SSLConnectionSocketFactory时,添加NoopHostnameVerifier.INSTANCE参数

 public static CloseableHttpClient createSSLClientDefault() {

        CloseableHttpClient client = null;

        try {

            SSLContext sslContext = null;

            sslContext = new SSLContextBuilder().loadTrustMaterial(null, new TrustStrategy() {

                @Override

                public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException {

                    return true;

                }

            }).build();

            SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext, NoopHostnameVerifier.INSTANCE);//这里的红色部分

            client = HttpClients.custom().setSSLSocketFactory(sslsf).build();

        } catch (NoSuchAlgorithmException | KeyStoreException | KeyManagementException e) {

            e.printStackTrace();

        }

        return client;

    }

原理扩展:

在org.apache.http.conn.ssl.SSLConnectionSocketFactory.verifyHostname方法中有如下代码:

而NoopHostnameVerifier源代码如下;verify方法直接返回true

/**
 * The NO_OP HostnameVerifier essentially turns hostname verification
 * off. This implementation is a no-op, and never throws the SSLException.
 * 关闭主机名验证,直接返回true
 * @since 4.4
 */
@Contract(threading = ThreadingBehavior.IMMUTABLE)

public class NoopHostnameVerifier implements HostnameVerifier {

    public static final NoopHostnameVerifier INSTANCE = new NoopHostnameVerifier();

    @Override

    public boolean verify(final String s, final SSLSession sslSession) {

        return true;

    }

    @Override

    public final String toString() {

        return "NO_OP";

    }

}

javax.net.ssl.SSLException: Certificate doesn't match any of the subject alternative names的更多相关文章

  1. 用HttpClient发送HTTPS请求报SSLException: Certificate for <域名> doesn't match any of the subject alternative names问题的解决

    最近用server酱-PushBear做消息自动推送,用apache HttpClient做https的get请求,但是代码上到服务器端就报javax.net.ssl.SSLException: Ce ...

  2. Aandroid 解决apk打包过程中出现的“Certificate for <jcenter.bintray.com> doesn't match any of the subject alternative names: [*.aktana.com, aktana.com]”的问题

    有时候,apk打包过程中会出现“Certificate for <jcenter.bintray.com> doesn't match any of the subject alterna ...

  3. 使用HttpClient携带证书报错_Certificate for <IP> doesn't match any of the subject alternative names:[域名]

    使用HttpClient携带pfx证书通过Https协议发送SOUP报文调用WebService接口时报如下错误: Exception in thread "main" javax ...

  4. 自签证书 doesn't match any of the subject alternative names

    出现这个的原因是https中的域名或者IP,与证书中登记的不一致. 如果是自签证书的话,可以根据具体需要重新生成证书. 还有一种解决方案是在java中跳过这个检查. 绕过检查分两类,一个是绕过证书在C ...

  5. javax.net.ssl.SSLException: java.lang.UnsupportedOperationException

    Loading KeyStore C:\Tool\jdk1.7.0_71\jre\lib\security\jssecacerts... Opening connection to www.googl ...

  6. presto——java.sql.SQLException: Error executing query与javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?异常问题

    使用presto的时候以mysql为presto的数据源 安装的presto是0.95版本:使用的presto-jdbc是0.202的,这里使用jdbc去访问时候,connection可以链接成功,但 ...

  7. 微信证书 javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty

    这几天在做微信退款接口,按照api写完之后,在本地测试了下没有问题,于是交给测试让他们在测试环境开测.他们说退款没有成功,感觉去查日志,发现后台报了 javax.net.ssl.SSLExceptio ...

  8. SO2O連接報錯javax.net.ssl.SSLException: Received fatal alert: protocol_version)

    原文:https://blog.csdn.net/gudejundd/article/details/89640741 1.什么是TLSSSL 是“Secure Sockets Layer”的缩写,中 ...

  9. JAVA连接MySQ报错:Caused by: javax.net.ssl.SSLException: Received fatal alert: protocol_version

    Caused by: javax.net.ssl.SSLException: Received fatal alert: protocol_version at sun.security.ssl.Al ...

随机推荐

  1. 6.1-uC/OS-III软件定时器

    1.软件定时器是 uC/OS 操作系统的一个内核对象,软件定时器是基于时钟节拍和系统管理创建的软件性定时器,理论上可以创建无限多个,但精准度肯定比硬件定时稍逊一筹. 2.软件定时器启动之后是由软件定时 ...

  2. python练习题-day14

    一.选择题 1. python不支持的数据类型有:A. charB. intC. floatD. list ans:A 2.x = ‘foo’y = 2print(x + y) A. fooB. fo ...

  3. xutils android studio引用问题

    然后rebuild--->关闭项目-->重启,ok public class MyApplication extends Application { @Override public vo ...

  4. Hyper-v 虚拟机 关闭服务

    1.Win + R 运行 2.输入 services.msc 回车 3.禁用下图的服务

  5. Git环境配置

    1,下载Git-2.16.2-64-bit.exe并安装, 全部为默认设置 下载地址:http://git-scm.com/download/win 2 在开始菜单中,单击Git CMD,执行下面命令 ...

  6. node 七牛云图片上传

    后端代码 //https://portal.qiniu.com/user/key var accessKey = '-xxx-QvPiZzXYWY9AuytTjgix'; var secretKey ...

  7. JAVA:IDEA使用Hibernate(2)

    1.打开IDEA新建项目 勾选Hibernate.勾选下方生成相关配置和类 下方选择Download,如果使用本地已经下载的包则选择 Use Library ,路径选到包里面的require里导入即可 ...

  8. 自增ID算法snowflake - C#版

    急景流年,铜壶滴漏,时光缱绻如画,岁月如诗如歌.转载一篇博客来慰藉,易逝的韶华. 使用UUID或者GUID产生的ID没有规则 Snowflake算法是Twitter的工程师为实现递增而不重复的ID实现 ...

  9. git----------SourceTree如何连接ssh的仓库地址,这里记录的是客户端需要做的事

    1. 2. 打开命令行以后输入ssh-keygen -t rsa -C "example@example.com"  这个地方输入的是你注册gitlab所使用的邮箱.按回车,之后还 ...

  10. CentOS 7 服务端口表

    # Note that it is presently the policy of IANA to assign a single well-known# port number for both T ...