0

使用HostnameVerifier这样的:

private final HostnameVerifier myVerifier = new HostnameVerifier(){
    public boolean verify(String hostname, SSLSession session) {
        return true;
    }
}

使用此代码效果很好:

HttpsURLConnection.setDefaultHostnameVerifier(myVerifier);
URL u = new URL("https://foobar.de/");
u.openStream(); // <!-- GOOD

但是这段代码不起作用:

URL u = new URL("https://foobar.de/");
final HttpsURLConnection openConnection = (HttpsURLConnection) u.openConnection();
openConnection.setHostnameVerifier(myVerifier);
u.openStream();// <!--EXCEPTION

这是例外:

Exception in thread "main" javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative DNS name matching rossmann.de found.
    at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
    at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1884)
    at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276)
    at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270)
    at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1341)
    at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:153)
    at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868)
    at sun.security.ssl.Handshaker.process_record(Handshaker.java:804)
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016)
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323)
    at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)
    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
    at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1300)
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)
    at java.net.URL.openStream(URL.java:1037)
    at Test.main(Test.java:21)
Caused by: java.security.cert.CertificateException: No subject alternative DNS name matching rossmann.de found.
    at sun.security.util.HostnameChecker.matchDNS(HostnameChecker.java:191)
    at sun.security.util.HostnameChecker.match(HostnameChecker.java:93)
    at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:347)
    at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:203)
    at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126)
    at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1323)
    ... 13 more

为什么?

4

1 回答 1

0

嗯,我需要使用相同的连接。

openConnection.getInputStream()
于 2014-11-03T14:09:54.730 回答