Warning: file_get_contents(/data/phpspider/zhask/data//catemap/9/java/306.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181

Warning: file_get_contents(/data/phpspider/zhask/data//catemap/9/ssl/3.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
具有pfx证书的Java Open HttpsUrlConnection_Java_Ssl_Https_Certificate - Fatal编程技术网
Fatal编程技术网
  • java/
  • 具有pfx证书的Java Open HttpsUrlConnection

具有pfx证书的Java Open HttpsUrlConnection

java ssl https certificate

具有pfx证书的Java Open HttpsUrlConnection,java,ssl,https,certificate,Java,Ssl,Https,Certificate,我正在尝试以编程方式连接到安全的web服务器。我有用于访问服务器的pfx证书,可以通过浏览器访问它。但是,我得到以下错误: java.security.cert.CertificateException:不存在主题替代名称 我使用的代码如下: KeyStore keyStore = KeyStore.getInstance("PKCS12"); keyStore.load(new FileInputStream("path/to/pfxFile"), "mypassword"); KeyMana

我正在尝试以编程方式连接到安全的web服务器。我有用于访问服务器的pfx证书,可以通过浏览器访问它。但是,我得到以下错误:

java.security.cert.CertificateException:不存在主题替代名称

我使用的代码如下:

KeyStore keyStore = KeyStore.getInstance("PKCS12");
keyStore.load(new FileInputStream("path/to/pfxFile"), "mypassword");
KeyManagerFactory keyManagerFactory = KeyManagerFactory
                .getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(keyStore, "mypassword");

KeyStore trustStore = KeyStore.getInstance("JKS");
trustStore.load(new FileInputStream("path/to/cacerts"), "changeit");
TrustManagerFactory trustManagerFactory = TrustManagerFactory
                .getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(trustStore);

SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(),
                new SecureRandom());

URL url = new URL("https://XXX.XXX.XXX.XXX/MyWebService");
connection = (HttpsURLConnection) url.openConnection();
connection.setSSLSocketFactory(sslContext.getSocketFactory());
connection.setRequestProperty("Content-Type", "text/xml");
connection.setRequestMethod("GET");
connection.setConnectTimeout(120000);
connection.connect();
我通过将以下内容直接放在openConnection调用之前,设法找到了解决该错误的方法:

HttpsURLConnection.setDefaultHostnameVerifier((hostname, session) -> hostname.equals("XXX.XXX.XXX.XXX"));
只给我:

javax.net.ssl.SSLHandshakeException:sun.security.validator.ValidatorException:PKIX路径生成失败:sun.security.provider.certpath.SunCertPathBuilderException:找不到请求目标的有效证书路径

我找不到这个问题的任何解决方案。我曾尝试导出证书并通过keytool将其添加到cacert,但没有任何帮助,我也没有主意了。非常感谢您的帮助。

因此,我只需要下载服务器证书并将其添加到cacerts,而不是使用pkcs12文件