javax.net.ssl.sslhandshakeException:sun.security.validator.validatorException:PKIX path buildind failed
2024-10-19 17:29:30
前段时间开发的一个需求,需要通过图片URL获取图片的base64编码,测试的时候使用的是百度图片的url,测试没有问题,但是发布后测试时报如下错:
javax.net.ssl.sslhandshakeException:sun.security.validator.validatorException:PKIX path buildind failed
报错代码:
import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.net.HttpURLConnection;
import java.net.URL;
import java.net.URLConnection;
import java.util.Base64; public class Base64Util { private static final Logger logger = LoggerFactory.getLogger(Base64Util.class); public static String getBase64ByUrl(String urlPath){
ByteArrayOutputStream data = new ByteArrayOutputStream();
try {
URL url = new URL(urlPath);
byte[] by = new byte[1024];
URLConnection urlConnection = url.openConnection();
HttpURLConnection httpURLConnection = (HttpURLConnection) urlConnection;
httpURLConnection.setConnectTimeout(1000*5);
httpURLConnection.connect();
InputStream inputStream = httpURLConnection.getInputStream();
int len = -1;
while ( (len = inputStream.read(by)) !=-1){
data.write(by,0,len);
}
inputStream.close();
} catch (Exception e) {
logger.error("获取图片base64出错:" + e + ",图片url为:" + urlPath);
}
return Base64.getMimeEncoder().encodeToString(data.toByteArray());
}
}
检查发现是jdk的证书库里并没有将该站点的证书作为受信任的安全证书,只要在打开链接的时候设置忽略证书检查就可以解决,更新代码如下:
import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLSession;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.net.HttpURLConnection;
import java.net.URL;
import java.net.URLConnection;
import java.util.Base64; public class Base64Util { private static final Logger logger = LoggerFactory.getLogger(Base64Util.class); public static String getBase64ByUrl(String urlPath){
ByteArrayOutputStream data = new ByteArrayOutputStream();
try {
HostnameVerifier hv = new HostnameVerifier() {
public boolean verify(String urlHostName, SSLSession session) {
System.out.println("Warning: URL Host: " + urlHostName + " vs. "
+ session.getPeerHost());
return true;
}
};
URL url = new URL(urlPath);
byte[] by = new byte[1024];
//忽略证书信任
trustAllHttpsCertificates();
HttpsURLConnection.setDefaultHostnameVerifier(hv);
URLConnection urlConnection = url.openConnection();
HttpURLConnection httpURLConnection = (HttpURLConnection) urlConnection;
httpURLConnection.setConnectTimeout(1000*5);
httpURLConnection.connect();
InputStream inputStream = httpURLConnection.getInputStream();
int len = -1;
while ( (len = inputStream.read(by)) !=-1){
data.write(by,0,len);
}
inputStream.close();
} catch (Exception e) {
logger.error("获取图片base64出错:" + e + ",图片url为:" + urlPath);
}
return Base64.getMimeEncoder().encodeToString(data.toByteArray());
} private static void trustAllHttpsCertificates() throws Exception {
javax.net.ssl.TrustManager[] trustAllCerts = new javax.net.ssl.TrustManager[1];
javax.net.ssl.TrustManager tm = new miTM();
trustAllCerts[0] = tm;
javax.net.ssl.SSLContext sc = javax.net.ssl.SSLContext
.getInstance("SSL");
sc.init(null, trustAllCerts, null);
javax.net.ssl.HttpsURLConnection.setDefaultSSLSocketFactory(sc
.getSocketFactory());
} static class miTM implements javax.net.ssl.TrustManager,
javax.net.ssl.X509TrustManager {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
} public boolean isServerTrusted(
java.security.cert.X509Certificate[] certs) {
return true;
} public boolean isClientTrusted(
java.security.cert.X509Certificate[] certs) {
return true;
} public void checkServerTrusted(
java.security.cert.X509Certificate[] certs, String authType)
throws java.security.cert.CertificateException {
return;
} public void checkClientTrusted(
java.security.cert.X509Certificate[] certs, String authType)
throws java.security.cert.CertificateException {
return;
}
}
}
在URLConnection urlConnection = url.openConnection();之前忽略证书信任,问题解决。
最新文章
- 百度文库下载器 V2.3.4.3 支持豆丁百度文库道客巴巴
- Android 软件开发之如何使用Eclipse Debug调试程序详解及Eclipse常用快捷键(转)
- Access界面基础操作
- 记一次在Eclipse中用Axis生成webservice服务端的过程中出现的问题
- NPM小结
- IDEA文件编码修改
- Failed to create the java virtual machine完全解决办法
- 使用Jekyll搭建博客
- PHP强大的内置filter (一)
- C#调用存储过程简单完整例子
- addLoadEvent函数
- ClipDrawable 资源
- 原来JS是这样的 - 提升, 作用域 与 闭包
- bzoj2442[Usaco2011 Open]修剪草坪 单调队列优化dp
- Linux 小知识翻译 - 「RAID」
- CSS3美化有序列表
- POJ 1703 Find them, Catch them (并查集)
- Java实现 SSL双向认证
- python的requests快速上手、高级用法和身份认证
- PAT 乙级 1009 说反话 (20) C++版
热门文章
- SpringBoot2.x设置文件上传文件的大小
- SpringCloud微服务实战——搭建企业级开发框架(三十八):搭建ELK日志采集与分析系统
- (一)scrapy 安装及新建爬虫项目并运行
- IGMP协议测试-网络测试仪实操
- C# lambda 表达式 和=>;的含义
- 【windows 访问控制】六、安全标识符(SID Security Identifiers)
- Hadoop - MapReduce学习笔记(详细)
- Hadoop - 入门学习笔记(详细)
- linux光盘使用、rpm软件包、yum软件仓库安装使用
- Python——模块&包&异常