Java 如何使用带SSL的httpclient调用SOAP web服务
现在请帮忙, 我想通过SOAP调用api并使用httpclient 4.5.5 我的代码Java 如何使用带SSL的httpclient调用SOAP web服务,java,ssl,soap,Java,Ssl,Soap,现在请帮忙, 我想通过SOAP调用api并使用httpclient 4.5.5 我的代码 static String callApi(String url, String requestXml) { String responseXml = ""; CloseableHttpClient httpClient = null; HttpPost httpPost; try { httpClient = HttpClients.
static String callApi(String url, String requestXml)
{
String responseXml = "";
CloseableHttpClient httpClient = null;
HttpPost httpPost;
try
{
httpClient = HttpClients.createDefault();
httpPost = new HttpPost(url);
httpPost.setHeader("Content-Type", "text/xml; charset=utf-8");
httpPost.setHeader("x-ibm-client-id", Config.csp.validKey);
StringEntity entiry = new StringEntity(requestXml, "UTF-8");
httpPost.setEntity(entiry);
HttpResponse response = httpClient.execute(httpPost);
HttpEntity entity = response.getEntity();
responseXml = EntityUtils.toString(entity, "UTF-8");
}
catch (Exception ex)
{
log.error("", ex);
}
finally
{
try
{
if (httpClient != null)
httpClient.close();
}
catch (Exception ex)
{
log.error("", ex);
}
}
return responseXml;
}
当我调试时,就会显示错误
javax.net.ssl.SSLPeerUnverifiedException:的证书与任何主题替代名称不匹配:[*.domain.vn,domain.vn]
在org.apache.http.conn.ssl.SSLConnectionSocketFactory.verifyHostname(SSLConnectionSocketFactory.java:467)~[httpclient-4.5.5.jar:4.5.5]
在org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:397)~[httpclient-4.5.5.jar:4.5.5]
在org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:355)~[httpclient-4.5.5.jar:4.5.5]
在org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142)~[httpclient-4.5.5.jar:4.5.5]
在org.apache.http.impl.conn.poolighttpclientconnectionmanager.connect(poolighttpclientconnectionmanager.java:373)~[httpclient-4.5.5.jar:4.5.5]
在org.apache.http.impl.execchain.MainClientExec.buildRoute(MainClientExec.java:381)~[httpclient-4.5.5.jar:4.5.5]
在org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:237)~[httpclient-4.5.5.jar:4.5.5]
在org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:185)~[httpclient-4.5.5.jar:4.5.5]
在org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89)~[httpclient-4.5.5.jar:4.5.5]
在org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:111)~[httpclient-4.5.5.jar:4.5.5]
在org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185)~[httpclient-4.5.5.jar:4.5.5]
在org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83)~[httpclient-4.5.5.jar:4.5.5]
在org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:108)~[httpclient-4.5.5.jar:4.5.5]
请帮忙。非常感谢您没有显示如何调用
callApi()
,但我猜您正在使用10.xx.xx.xx
IP地址而不是证书中包含的名称来寻址主机
当主机名验证生效时,无法执行此操作
您最好改为通过其证书公用名或主题替代名(SAN)之一对其进行寻址。但是,如果您不能这样做,并且由于10.*
IP地址范围是一个专用网络,您可能可以安全地关闭此服务器到服务器调用的主机名验证
而不是这个
httpClient = HttpClients.createDefault();
做这个
httpClient = HttpClients
.custom()
.setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE)
.build();
根据您使用的Apache HttpClient的版本,语法可能略有不同
这将禁用安全控制。在您无法控制的网络上调用主机时,不要这样做。我强烈建议您使用一个实际上为SOAP设计的库(如CXF),而不是只为基本HTTP设计的库。至于您的错误:这看起来像是一个无效的SSL证书。请看这可能会帮助您:可能的,谢谢您的支持@尤金·阿德尔,是的,没错。我找到了我的问题的答案。谢谢,谢谢,我在帖子里找到了答案(