AI专业者开发社区 1 号成员
  •  0 回帖  •  3 浏览  •  4 个月前
 

Java中https请求报错,信任所有ssl证书。解决javax.net.ssl.SSLHandshakeException: PKIX path building failed

Java 信任所有 SSL 证书,HTTPS 请求抛错,忽略证书请求完美解决

  • 解决方案:在 openConnection 之前调用该 util

  • util 代码

package com.warren.util;

import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;


import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;


public class SslUtils {


</span><span style="color: rgba(0, 0, 255, 1)">public</span> <span style="color: rgba(0, 0, 255, 1)">static</span> <span style="color: rgba(0, 0, 255, 1)">void</span> trustAllHttpsCertificates() <span style="color: rgba(0, 0, 255, 1)">throws</span><span style="color: rgba(0, 0, 0, 1)"> Exception {
    TrustManager[] trustAllCerts </span>= <span style="color: rgba(0, 0, 255, 1)">new</span> TrustManager[1<span style="color: rgba(0, 0, 0, 1)">];
    TrustManager tm </span>= <span style="color: rgba(0, 0, 255, 1)">new</span><span style="color: rgba(0, 0, 0, 1)"> miTM();
    trustAllCerts[</span>0] =<span style="color: rgba(0, 0, 0, 1)"> tm;
    SSLContext sc </span>= SSLContext.getInstance("SSL"<span style="color: rgba(0, 0, 0, 1)">);
    sc.init(</span><span style="color: rgba(0, 0, 255, 1)">null</span>, trustAllCerts, <span style="color: rgba(0, 0, 255, 1)">null</span><span style="color: rgba(0, 0, 0, 1)">);
    HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
}

</span><span style="color: rgba(0, 0, 255, 1)">static</span> <span style="color: rgba(0, 0, 255, 1)">class</span> miTM <span style="color: rgba(0, 0, 255, 1)">implements</span><span style="color: rgba(0, 0, 0, 1)"> TrustManager,X509TrustManager {
    </span><span style="color: rgba(0, 0, 255, 1)">public</span><span style="color: rgba(0, 0, 0, 1)"> X509Certificate[] getAcceptedIssuers() {
        </span><span style="color: rgba(0, 0, 255, 1)">return</span> <span style="color: rgba(0, 0, 255, 1)">null</span><span style="color: rgba(0, 0, 0, 1)">;
    }

    </span><span style="color: rgba(0, 0, 255, 1)">public</span> <span style="color: rgba(0, 0, 255, 1)">boolean</span><span style="color: rgba(0, 0, 0, 1)"> isServerTrusted(X509Certificate[] certs) {
        </span><span style="color: rgba(0, 0, 255, 1)">return</span> <span style="color: rgba(0, 0, 255, 1)">true</span><span style="color: rgba(0, 0, 0, 1)">;
    }

    </span><span style="color: rgba(0, 0, 255, 1)">public</span> <span style="color: rgba(0, 0, 255, 1)">boolean</span><span style="color: rgba(0, 0, 0, 1)"> isClientTrusted(X509Certificate[] certs) {
        </span><span style="color: rgba(0, 0, 255, 1)">return</span> <span style="color: rgba(0, 0, 255, 1)">true</span><span style="color: rgba(0, 0, 0, 1)">;
    }

    </span><span style="color: rgba(0, 0, 255, 1)">public</span> <span style="color: rgba(0, 0, 255, 1)">void</span><span style="color: rgba(0, 0, 0, 1)"> checkServerTrusted(X509Certificate[] certs, String authType)
            </span><span style="color: rgba(0, 0, 255, 1)">throws</span><span style="color: rgba(0, 0, 0, 1)"> CertificateException {
        </span><span style="color: rgba(0, 0, 255, 1)">return</span><span style="color: rgba(0, 0, 0, 1)">;
    }

    </span><span style="color: rgba(0, 0, 255, 1)">public</span> <span style="color: rgba(0, 0, 255, 1)">void</span><span style="color: rgba(0, 0, 0, 1)"> checkClientTrusted(X509Certificate[] certs, String authType)
            </span><span style="color: rgba(0, 0, 255, 1)">throws</span><span style="color: rgba(0, 0, 0, 1)"> CertificateException {
        </span><span style="color: rgba(0, 0, 255, 1)">return</span><span style="color: rgba(0, 0, 0, 1)">;
    }
}

</span><span style="color: rgba(0, 128, 0, 1)">/**</span><span style="color: rgba(0, 128, 0, 1)">
 * 忽略HTTPS请求的SSL证书,必须在openConnection之前调用
 * </span><span style="color: rgba(128, 128, 128, 1)">@throws</span><span style="color: rgba(0, 128, 0, 1)"> Exception
 </span><span style="color: rgba(0, 128, 0, 1)">*/</span>
<span style="color: rgba(0, 0, 255, 1)">public</span> <span style="color: rgba(0, 0, 255, 1)">static</span> <span style="color: rgba(0, 0, 255, 1)">void</span> ignoreSsl() <span style="color: rgba(0, 0, 255, 1)">throws</span><span style="color: rgba(0, 0, 0, 1)"> Exception{
    HostnameVerifier hv </span>= <span style="color: rgba(0, 0, 255, 1)">new</span><span style="color: rgba(0, 0, 0, 1)"> HostnameVerifier() {
        </span><span style="color: rgba(0, 0, 255, 1)">public</span> <span style="color: rgba(0, 0, 255, 1)">boolean</span><span style="color: rgba(0, 0, 0, 1)"> verify(String urlHostName, SSLSession session) {
            </span><span style="color: rgba(0, 0, 255, 1)">return</span> <span style="color: rgba(0, 0, 255, 1)">true</span><span style="color: rgba(0, 0, 0, 1)">;
        }
    };
    trustAllHttpsCertificates();
    HttpsURLConnection.setDefaultHostnameVerifier(hv);
}



}

  • 使用方式:
//1. 下载地址
        URL url = new URL("https://p1.music.126.net/qsRYc_3XeaXUWR1vGnm6vA==/109951164743134727.jpg?param=140y140");
        //https 协议的链接会因为证书问题报错
        //在 openConnection 前调用该方法, 信任所有 SSL 证书
        SslUtils.ignoreSsl();
        //2. 连接到这个资源
        HttpURLConnection urlConnection = (HttpURLConnection) url.openConnection();

    InputStream inputStream </span>= urlConnection.getInputStream();</pre>

OK!