0

如果我执行下面的代码,我会收到一个异常说“无法找到请求目标的有效证书路径

String protocol = "https://10.0.100.80/MyAPP/index.html";
java.net.URL obj = new java.net.URL(protocol);
HttpURLConnection httpReq = (HttpURLConnection) obj.openConnection();
httpReq.setDoOutput(true);
httpReq.setInstanceFollowRedirects(true);
httpReq.setRequestMethod("GET");
Date date = new Date();
System.out.println("iStatus: " + httpReq.getResponseMessage());
System.out.println("iCode: " + httpReq.getResponseCode());

例外:

Caused by: sun.security.validator.ValidatorException: PKIX path building failed: 
sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:323)
    at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:217)
    at sun.security.validator.Validator.validate(Validator.java:218)
    at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126)
    at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209)
    at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:249)
    at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1185)
    ... 14 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174)
    at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
    at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:318)
    ... 20 more

帮我ping一个启用ssl的url。

4

2 回答 2

1

有这个代码,看看

HttpsURLConnection httpReq = (HttpsURLConnection) obj.openConnection();
于 2013-01-28T11:34:29.293 回答
0

使用以下实现处理这种情况。

public  Map<String,Object> pingSSLEnabledURL(String urlString) throws Exception {
        Map<String,Object> returnMap = null;
        // configure the SSLContext with a TrustManager
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(new KeyManager[0], new TrustManager[] {
            new DefaultTrustManager() }, new SecureRandom());
        SSLContext.setDefault(ctx);

        URL url = new URL(urlString);
        HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
        conn.setHostnameVerifier(new HostnameVerifier() {
            @Override
            public boolean verify(String arg0, SSLSession arg1) {
                return true;
            }
        });
        returnMap = getResponseStatus(url, null, conn);

        conn.disconnect();
        return returnMap;
    }

 private  class DefaultTrustManager implements X509TrustManager {
        @Override
        public void checkClientTrusted(X509Certificate[] arg0, String arg1)
                throws CertificateException {
        }

        @Override
        public void checkServerTrusted(X509Certificate[] arg0, String arg1)
                throws CertificateException {
        }

        @Override
        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }
    }

    private  Map<String,Object> getResponseStatus(URL url, HttpURLConnection httpURLConnection,
            HttpsURLConnection httpsURLConnection) throws IOException {
        Map<String,Object> returnMap = new HashMap<String,Object>();

        returnMap.put("PROTOCOL", url.getProtocol());
        returnMap.put("PORT", url.getDefaultPort());
        returnMap.put("HOST", url.getHost());
        returnMap.put("URL", url.getFile()); 

        if (httpURLConnection != null){

            returnMap.put("STATUS_MESSAGE", httpURLConnection.getResponseMessage());
            returnMap.put("STATUS_CODE", httpURLConnection.getResponseCode());

        }
        if (httpsURLConnection != null){

            returnMap.put("STATUS_MESSAGE", httpsURLConnection.getResponseMessage());
            returnMap.put("STATUS_CODE", httpsURLConnection.getResponseCode());
        }

        return returnMap;

    }
于 2013-02-05T08:26:02.767 回答