线程“main”javax.net.ssl.SSLHandshakeException:sun.security.validator.validator异常：未找到受信任的证书_Java_Ssl_Intellij Idea

线程“main”javax.net.ssl.SSLHandshakeException:sun.security.validator.validator异常：未找到受信任的证书

java ssl intellij-idea

线程“main”javax.net.ssl.SSLHandshakeException:sun.security.validator.validator异常：未找到受信任的证书,java,ssl,intellij-idea,Java,Ssl,Intellij Idea,我是自动化测试的第一名。所以，我有一项任务，为API测试创建自动化脚本。我需要创建带有自签名序列号的https请求。这个证书给了我我们的管理员p12扩展名和密码文件。我已将此证书导出到.cer扩展。然后我创建了信任存储并将此证书导入该存储 C:\ProgramFilesx86\Java\jdk1.8.0\u 25\jre\bin>keytool-import-keystore-clienttrust.jks-file marta.cer-storepass-storepass 我在我的项目附近找

我是自动化测试的第一名。所以，我有一项任务，为API测试创建自动化脚本。我需要创建带有自签名序列号的https请求。这个证书给了我我们的管理员p12扩展名和密码文件。我已将此证书导出到.cer扩展。然后我创建了信任存储并将此证书导入该存储

C:\ProgramFilesx86\Java\jdk1.8.0\u 25\jre\bin>keytool-import-keystore-clienttrust.jks-file marta.cer-storepass-storepass

我在我的项目附近找到了marta.cer和clienttrust.jks。我已经在Java上用IntelliJ IDEA 13.1.1编写了代码

以下是代码：

public void testSimpleHttpsClient() throws CertificateException, InterruptedException, UnrecoverableKeyException, NoSuchAlgorithmException,
        IOException, KeyManagementException, KeyStoreException {


    URL url = new URL("https://intstg1-kaakioskpublicapi.ptstaging.ptec/TLE/36171/player/info");

    HttpsURLConnection con = (HttpsURLConnection)url.openConnection();
    con.setRequestMethod( "GET" );

    SSLContext sslContext = SSLContext.getInstance("TLS");

    char[]  passphrase = "storepass".toCharArray();
    KeyStore ks = KeyStore.getInstance("JKS");
    ks.load(this.getClass().getResourceAsStream("clienttrust.jks"), passphrase);
    System.out.println(ks);

    TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
    tmf.init(ks);

    System.out.println(tmf.toString());

    HostnameVerifier hostnameVerifier = new HostnameVerifier() {

        public boolean verify(String s, SSLSession sslSession) {
            return s.equals(sslSession.getPeerHost());
        }
    };
    con.setHostnameVerifier(hostnameVerifier);

    sslContext.init(null, tmf.getTrustManagers(), null);
   con.setSSLSocketFactory(sslContext.getSocketFactory());

    int responseCode = con.getResponseCode();
    InputStream inputStream;
    if (responseCode == HttpURLConnection.HTTP_OK) {
        inputStream = con.getInputStream();
    } else {
        inputStream = con.getErrorStream();
    }

    // Process the response
    BufferedReader reader;
    String line = null;
    reader = new BufferedReader( new InputStreamReader( inputStream ) );
    while( ( line = reader.readLine() ) != null )
    {
        System.out.println( line );
    }

    inputStream.close();
}

因此，在执行此代码后，我得到下一个异常：

主线程javax.net.ssl.SSLHandshakeException:sun.security.validator.validator异常：未找到受信任的证书位于sun.security.ssl.Alerts.getSSLExceptionAlerts.java:192 位于sun.security.ssl.SSLSocketImpl.fatalsslssocketimpl.java:1917 位于sun.security.ssl.Handshaker.fatalSEHandshaker.java:301 位于sun.security.ssl.Handshaker.fatalSEHandshaker.java:295 位于sun.security.ssl.ClientHandshaker.serverCertificateClientHandshaker.java:1471 位于sun.security.ssl.ClientHandshaker.processMessageClientHandshaker.java:212 位于sun.security.ssl.Handshaker.processLoopHandshaker.java:936 位于sun.security.ssl.Handshaker.process_recordHandshaker.java:871 位于sun.security.ssl.SSLSocketImpl.readRecordSSLSocketImpl.java:1043 位于sun.security.ssl.SSLSocketImpl.performinialhandshakesslsocketimpl.java:1343 位于sun.security.ssl.SSLSocketImpl.startHandshakeSSLSocketImpl.java:1371 位于sun.security.ssl.SSLSocketImpl.startHandshakeSSLSocketImpl.java:1355 位于sun.net.www.protocol.https.HttpsClient.afterConnectHttpsClient.java:563 在sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connectAbstractDelegateHttpsURLConnection.java:185 位于sun.net.www.protocol.http.HttpURLConnection.getInputStream0HttpURLConnection.java:1511 位于sun.net.www.protocol.http.HttpURLConnection.getInputStreamHttpURLConnection.java:1439 在java.net.HttpURLConnection.getresponsecodetpurlconnection.java:480 位于sun.net.www.protocol.https.HttpsURLConnectionImpl.getresponsecodetpsurlconnectionimpl.java:338 在httpConnection.Connection.TestSimpleHttpClientConnection.java:179 在httpConnection.Connection.mainConnection.java:22 在sun.reflect.NativeMethodAccessorImpl.invoke0Native方法中位于sun.reflect.NativeMethodAccessorImpl.invokeNativeMethodAccessorImpl.java:62 在sun.reflect.DelegatingMethodAccessorImpl.invokeDelegatingMethodAccessorImpl.java:43 位于java.lang.reflect.Method.invokeMethod.java:483 位于com.intellij.rt.execution.application.AppMain.mainAppMain.java:120 原因：sun.security.validator.validator异常：未找到受信任的证书位于sun.security.validator.SimpleValidator.buildTrustedChainSimpleValidator.java:384 位于sun.security.validator.SimpleValidator.engineValidateSimpleValidator.java:133 位于sun.security.validator.validator.validateValidator.java:260 位于sun.security.ssl.X509TrustManagerImpl.validateX509TrustManagerImpl.java:324 位于sun.security.ssl.X509TrustManagerImpl.checkTrustedX509TrustManagerImpl.java:229 位于sun.security.ssl.X509TrustManagerImpl.checkServerTrustedX509TrustManagerImpl.java:124 位于sun.security.ssl.ClientHandshaker.serverCertificateClientHandshaker.java:1453 ... 20多

各位，请向我解释如何解决此问题。

将服务器证书作为受信任的证书导入

keytool-import-trustcacerts-alias somealias-keystore clienttrust.jks-file marta.cer

查看Ankur singhal，感谢您的建议。我有个问题要问你。我的证书的条目类型是“trustedCertEntry”，但在您的文章中-条目类型：PrivateKeyEntry。“条目类型”非常重要吗？您使用的HostnameVerifier不安全。它只是针对易受MITM攻击的反向查找检查主机名，而不是针对证书。