线程“main”javax.net.ssl.SSLHandshakeException:sun.security.validator.validator异常:未找到受信任的证书
我是自动化测试的第一名。所以,我有一项任务,为API测试创建自动化脚本。我需要创建带有自签名序列号的https请求。这个证书给了我我们的管理员p12扩展名和密码文件。我已将此证书导出到.cer扩展。然后我创建了信任存储并将此证书导入该存储 C:\ProgramFilesx86\Java\jdk1.8.0\u 25\jre\bin>keytool-import-keystore-clienttrust.jks-file marta.cer-storepass-storepass 我在我的项目附近找到了marta.cer和clienttrust.jks。我已经在Java上用IntelliJ IDEA 13.1.1编写了代码 以下是代码:线程“main”javax.net.ssl.SSLHandshakeException:sun.security.validator.validator异常:未找到受信任的证书,java,ssl,intellij-idea,Java,Ssl,Intellij Idea,我是自动化测试的第一名。所以,我有一项任务,为API测试创建自动化脚本。我需要创建带有自签名序列号的https请求。这个证书给了我我们的管理员p12扩展名和密码文件。我已将此证书导出到.cer扩展。然后我创建了信任存储并将此证书导入该存储 C:\ProgramFilesx86\Java\jdk1.8.0\u 25\jre\bin>keytool-import-keystore-clienttrust.jks-file marta.cer-storepass-storepass 我在我的项目附近找
public void testSimpleHttpsClient() throws CertificateException, InterruptedException, UnrecoverableKeyException, NoSuchAlgorithmException,
IOException, KeyManagementException, KeyStoreException {
URL url = new URL("https://intstg1-kaakioskpublicapi.ptstaging.ptec/TLE/36171/player/info");
HttpsURLConnection con = (HttpsURLConnection)url.openConnection();
con.setRequestMethod( "GET" );
SSLContext sslContext = SSLContext.getInstance("TLS");
char[] passphrase = "storepass".toCharArray();
KeyStore ks = KeyStore.getInstance("JKS");
ks.load(this.getClass().getResourceAsStream("clienttrust.jks"), passphrase);
System.out.println(ks);
TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
tmf.init(ks);
System.out.println(tmf.toString());
HostnameVerifier hostnameVerifier = new HostnameVerifier() {
public boolean verify(String s, SSLSession sslSession) {
return s.equals(sslSession.getPeerHost());
}
};
con.setHostnameVerifier(hostnameVerifier);
sslContext.init(null, tmf.getTrustManagers(), null);
con.setSSLSocketFactory(sslContext.getSocketFactory());
int responseCode = con.getResponseCode();
InputStream inputStream;
if (responseCode == HttpURLConnection.HTTP_OK) {
inputStream = con.getInputStream();
} else {
inputStream = con.getErrorStream();
}
// Process the response
BufferedReader reader;
String line = null;
reader = new BufferedReader( new InputStreamReader( inputStream ) );
while( ( line = reader.readLine() ) != null )
{
System.out.println( line );
}
inputStream.close();
}
因此,在执行此代码后,我得到下一个异常:
主线程javax.net.ssl.SSLHandshakeException:sun.security.validator.validator异常:未找到受信任的证书
位于sun.security.ssl.Alerts.getSSLExceptionAlerts.java:192
位于sun.security.ssl.SSLSocketImpl.fatalsslssocketimpl.java:1917
位于sun.security.ssl.Handshaker.fatalSEHandshaker.java:301
位于sun.security.ssl.Handshaker.fatalSEHandshaker.java:295
位于sun.security.ssl.ClientHandshaker.serverCertificateClientHandshaker.java:1471
位于sun.security.ssl.ClientHandshaker.processMessageClientHandshaker.java:212
位于sun.security.ssl.Handshaker.processLoopHandshaker.java:936
位于sun.security.ssl.Handshaker.process_recordHandshaker.java:871
位于sun.security.ssl.SSLSocketImpl.readRecordSSLSocketImpl.java:1043
位于sun.security.ssl.SSLSocketImpl.performinialhandshakesslsocketimpl.java:1343
位于sun.security.ssl.SSLSocketImpl.startHandshakeSSLSocketImpl.java:1371
位于sun.security.ssl.SSLSocketImpl.startHandshakeSSLSocketImpl.java:1355
位于sun.net.www.protocol.https.HttpsClient.afterConnectHttpsClient.java:563
在sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connectAbstractDelegateHttpsURLConnection.java:185
位于sun.net.www.protocol.http.HttpURLConnection.getInputStream0HttpURLConnection.java:1511
位于sun.net.www.protocol.http.HttpURLConnection.getInputStreamHttpURLConnection.java:1439
在java.net.HttpURLConnection.getresponsecodetpurlconnection.java:480
位于sun.net.www.protocol.https.HttpsURLConnectionImpl.getresponsecodetpsurlconnectionimpl.java:338
在httpConnection.Connection.TestSimpleHttpClientConnection.java:179
在httpConnection.Connection.mainConnection.java:22
在sun.reflect.NativeMethodAccessorImpl.invoke0Native方法中
位于sun.reflect.NativeMethodAccessorImpl.invokeNativeMethodAccessorImpl.java:62
在sun.reflect.DelegatingMethodAccessorImpl.invokeDelegatingMethodAccessorImpl.java:43
位于java.lang.reflect.Method.invokeMethod.java:483
位于com.intellij.rt.execution.application.AppMain.mainAppMain.java:120
原因:sun.security.validator.validator异常:未找到受信任的证书
位于sun.security.validator.SimpleValidator.buildTrustedChainSimpleValidator.java:384
位于sun.security.validator.SimpleValidator.engineValidateSimpleValidator.java:133
位于sun.security.validator.validator.validateValidator.java:260
位于sun.security.ssl.X509TrustManagerImpl.validateX509TrustManagerImpl.java:324
位于sun.security.ssl.X509TrustManagerImpl.checkTrustedX509TrustManagerImpl.java:229
位于sun.security.ssl.X509TrustManagerImpl.checkServerTrustedX509TrustManagerImpl.java:124
位于sun.security.ssl.ClientHandshaker.serverCertificateClientHandshaker.java:1453
... 20多
各位,请向我解释如何解决此问题。将服务器证书作为受信任的证书导入
keytool-import-trustcacerts-alias somealias-keystore clienttrust.jks-file marta.cer查看Ankur singhal,感谢您的建议。我有个问题要问你。我的证书的条目类型是“trustedCertEntry”,但在您的文章中-条目类型:PrivateKeyEntry。“条目类型”非常重要吗?您使用的HostnameVerifier不安全。它只是针对易受MITM攻击的反向查找检查主机名,而不是针对证书。