过去几个月我一直在使用这个基础设施,它运行良好。我曾经用 https 访问谷歌并得到结果。突然,我开始收到 HTTPS URL 的 SSLPeerVerifiedException。我不认为有什么改变。谁能指出原因和解决方法?
各种版本:
Apache-HttpComponents-HttpCore = 4.1;
Apache-HttpComponents-HttpClient = 4.1.1;
JDK = 1.6_64;
代码片段:
public void execute(HttpContext httpContext, HttpUriRequest request, HttpHost proxy,
Credentials proxyCredentials) throws IOException {
HttpClient httpClient = getHttpClient(proxy, proxyCredentials, true,
configuration.getHttpConnectionTimeout(), configuration.getHttpSocketTimeout());
httpClient.execute(request, httpContext);
}
/**
* Default constructor
*/
public HttpClientUtil() throws IOException {
/*
* A TrustManager which trusts every server certificates.
*/
TrustManager tm = new X509TrustManager() {
@Override
public X509Certificate[] getAcceptedIssuers() {
return null;
}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType)
throws CertificateException { }
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType)
throws CertificateException { }
};
try {
SSLContext context = SSLContext.getInstance("TLS");
context.init(new KeyManager[0], new TrustManager[]{tm}, new SecureRandom());
connectionManager = new ThreadSafeClientConnManager();
connectionManager.setMaxTotal(Constant.HTTP_CONNECTION_POOL_MAX_TOTAL_CONNECTIONS);
connectionManager.setDefaultMaxPerRoute(Constant.HTTP_CONNECTION_POOL_DEFAULT_MAX_CONNECTIONS_PER_ROUTE);
connectionManager.getSchemeRegistry().register(new Scheme(Constant.PROTOCOL_HTTPS, Constant.HTTPS_DEFAULT_PORT, new SSLSocketFactory(context)));
} catch (Exception e) {
throw new IOException(e);
}
}
private HttpClient getHttpClient(HttpHost proxy, Credentials proxyCredentials,
boolean followRedirects, int connectionTimeout, int soTimeout) {
DefaultHttpClient client = new DefaultHttpClient(connectionManager);
client.addRequestInterceptor(requestAcceptEncoding);
client.addResponseInterceptor(httpResponseMaskInterceptor);
client.addResponseInterceptor(responseContentEncoding);
HttpParams params = client.getParams();
if (proxy != null) {
params.setParameter(ConnRoutePNames.DEFAULT_PROXY, proxy);
if (proxyCredentials != null) {
client.getCredentialsProvider().setCredentials(
new AuthScope(proxy.getHostName(), proxy.getPort()), proxyCredentials);
}
}
HttpProtocolParams.setUserAgent(params, configuration.getUserAgent());
HttpConnectionParams.setConnectionTimeout(params, connectionTimeout);
HttpConnectionParams.setSoTimeout(params, soTimeout);
HttpClientParams.setRedirecting(params, followRedirects);
if (followRedirects) {
client.setRedirectStrategy(redirectStrategy);
}
return client;
}
堆栈跟踪:
Caused by: javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
at com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:352)
at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)
at org.apache.http.conn.ssl.SSLSocketFactory.createLayeredSocket(SSLSocketFactory.java:446)
at org.apache.http.impl.conn.DefaultClientConnectionOperator.updateSecureConnection(DefaultClientConnectionOperator.java:200)
at org.apache.http.impl.conn.AbstractPoolEntry.layerProtocol(AbstractPoolEntry.java:277)
at org.apache.http.impl.conn.AbstractPooledConnAdapter.layerProtocol(AbstractPooledConnAdapter.java:142)
at org.apache.http.impl.client.DefaultRequestDirector.establishRoute(DefaultRequestDirector.java:758)
at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:565)
at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:415)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:820)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:754)
at com.amazon.mobius.httpproxy.util.HttpClientUtil.execute(HttpClientUtil.java:390)
at com.amazon.mobius.httpproxy.ec2.RequestExecutor.executeViaEC2(RequestExecutor.java:267)
... 45 more
任何帮助,将不胜感激。
谢谢,