我有一个类将从https服务器下载文件.当我运行它时,它会返回很多错误.我的证书似乎有问题.是否可以忽略客户端 - 服务器身份验证?如果是这样,怎么样?
package com.da;
import java.io.FileOutputStream;
import java.io.IOException;
import java.nio.CharBuffer;
import java.util.concurrent.Future;
import org.apache.http.HttpResponse;
import org.apache.http.client.utils.URIUtils;
import org.apache.http.impl.nio.client.DefaultHttpAsyncClient;
import org.apache.http.nio.IOControl;
import org.apache.http.nio.client.HttpAsyncClient;
import org.apache.http.nio.client.methods.AsyncCharConsumer;
import org.apache.http.nio.client.methods.HttpAsyncGet;
import org.apache.http.nio.client.methods.HttpAsyncPost;
public class RSDDownloadFile {
static FileOutputStream fos;
public void DownloadFile(String URI, String Request) throws Exception
{
java.net.URI uri = URIUtils.createURI("https", "176.66.3.69:6443", -1, "download.aspx",
"Lang=EN&AuthToken=package", null);
System.out.println("URI Query: " + uri.toString());
HttpAsyncClient httpclient = new DefaultHttpAsyncClient();
httpclient.start();
try {
Future<Boolean> future = httpclient.execute(
new HttpAsyncGet(uri),
new ResponseCallback(), null);
Boolean result …我正在尝试通过HTTPS连接Java Web API; 但是,抛出异常:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException
我遵循了从在线keytool和SSL证书教程中学到的这些步骤:
我将HTTPS URL复制到浏览器中,使用Internet Explorer下载SSL证书并将其安装在浏览器中.
将证书导出到计算机上的路径,证书保存为 .cer
使用了keytool的导入选项.执行下面的命令没有任何错误.
keytool -import -alias downloadedCertAlias -keystore C:\path\to\my\keystore\cacerts.file -file C:\path\of\exportedCert.cer
我在命令提示符下提示输入密码,然后我输入了密码.
该cmd窗口打印一些证书数据与签名,我是这样一个问题提示:
相信这个证书?
我回答是的.
显示cmd提示符
证书已添加到密钥库
但是在该消息之后,显示了另一个异常:
keytool error: java.io.FileNotFoundException: C:\Program files\...\cacerts <Access Denied>
最后,当我检查密钥库时,没有添加SSL证书,我的应用程序提供了我在尝试连接时得到的相同异常:
(javax.net.ssl.SSLHandshakeException:sun.security.validator.ValidatorException)
我有一个用Grizzly制作的REST服务器,它使用HTTPS并与Firefox完美配合.这是代码:
//Build a new Servlet Adapter.
ServletAdapter adapter=new ServletAdapter();
adapter.addInitParameter("com.sun.jersey.config.property.packages", "My.services");
adapter.addInitParameter(ResourceConfig.PROPERTY_CONTAINER_REQUEST_FILTERS, SecurityFilter.class.getName());
adapter.setContextPath("/");
adapter.setServletInstance(new ServletContainer());
//Configure SSL (See instructions at the top of this file on how these files are generated.)
SSLConfig ssl=new SSLConfig();
String keystoreFile=Main.class.getResource("resources/keystore_server.jks").toURI().getPath();
System.out.printf("Using keystore at: %s.",keystoreFile);
ssl.setKeyStoreFile(keystoreFile);
ssl.setKeyStorePass("asdfgh");
//Build the web server.
GrizzlyWebServer webServer=new GrizzlyWebServer(getPort(9999),".",true);
//Add the servlet.
webServer.addGrizzlyAdapter(adapter, new String[]{"/"});
//Set SSL
webServer.setSSLConfig(ssl);
//Start it up.
System.out.println(String.format("Jersey app started with WADL available at "
+ "%sapplication.wadl\n",
"https://localhost:9999/"));
webServer.start();
现在,我尝试用Java实现它:
SSLContext ctx=null;
try {
ctx …我创建了基于Jersey的Web服务(通过Netbeans自动生成).
我还创建了一个用户名"testClient",密码为"secret",并创建了用户组"Users",并使用了glassfish 3.0.1管理控制台使用文件Realm.
我还相应地映射了web.xml和sun-web.xml.
我的网络服务已成功保护; 当我访问该网站时,我收到安全警告,然后我提示用户名和密码来访问该网站的任何内容.通过Web浏览器访问它时工作正常.
现在我已经编写了一个基于jersey的简单客户端,并试图访问第一个项目提供的Web服务; 客户端代码在这里
自动生成Jersey客户端代码
public class JerseyClient {
private WebResource webResource;
private Client client;
private static final String BASE_URI = "https://localhost:9028/testsecurity2/resources";
public JerseyClient() {
com.sun.jersey.api.client.config.ClientConfig config = new com.sun.jersey.api.client.config.DefaultClientConfig(); // SSL configuration
// SSL configuration
config.getProperties().put(com.sun.jersey.client.urlconnection.HTTPSProperties.PROPERTY_HTTPS_PROPERTIES, new com.sun.jersey.client.urlconnection.HTTPSProperties(getHostnameVerifier(), getSSLContext()));
client = Client.create(config);
webResource = client.resource(BASE_URI).path("manufacturers");
}
public <T> T get_XML(Class<T> responseType) throws UniformInterfaceException {
return webResource.accept(javax.ws.rs.core.MediaType.APPLICATION_XML).get(responseType);
}
public <T> T get_JSON(Class<T> responseType) throws UniformInterfaceException {
return webResource.accept(javax.ws.rs.core.MediaType.APPLICATION_JSON).get(responseType);
}
public void close() {
client.destroy();
}
public …我试图通过调用HTTPS REST API Jersey Client.在开发过程中,我偶然发现了以下错误:
Exception in thread "main" com.sun.jersey.api.client.ClientHandlerException: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No name matching mvn.signify.abc.com found
at com.sun.jersey.client.urlconnection.URLConnectionClientHandler.handle(URLConnectionClientHandler.java:149)
at com.sun.jersey.api.client.Client.handle(Client.java:648)
at com.sun.jersey.api.client.WebResource.handle(WebResource.java:670)
at com.sun.jersey.api.client.WebResource.access$200(WebResource.java:74)
at com.sun.jersey.api.client.WebResource$Builder.get(WebResource.java:503)
at com.lftechnology.sbworkbench.utility.utils.PingFederateUtility.main(PingFederateUtility.java:32)
Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No name matching mvn.signify.abc.com found
所以我用Google搜索了一下,发现了大量的解决方案,实际上是有效的.
他们处于不同的领域,但他们有一个共同的解决方案来解决它.
我目前在开发环境中使用自创的自签名证书.因此它必然会出现问题.
上述解决方案侧重于跳过/允许验证所有证书.
但是当我将它移动到生产环境时,我可以从可信赖的来源访问有效签名证书.
PS
我使用的解决方案是,
try
{
// Create a trust manager that does not validate certificate chains
TrustManager[] trustAllCerts = new TrustManager[] {new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() …我使用java创建桌面应用程序,此应用程序使用API.为了保证与API的通信,我们得到了他们支持使用HTTPS的通知.请指导我如何从Java客户端设置https连接.
API具有此功能,表明它可以选择安全连接:
private String getUrlAddress(XmlRequest request) {
// determine if this is a secure connection
String url = this.ssl ? "https://" : "http://";
// determine service endpoint based on type of class/request passed in
if( request.getClass() == MessageRequest.class) {
url += ClockWorkSmsService.SMS_URL;
}
else {
url += ClockWorkSmsService.CREDIT_URL;
}
return url;
}
这段代码让我觉得"请求"将是我当前的网址或服务器,因此我将在我这边设置https连接.
Clockworksms API包装器:
import com.clockworksms.*;
public class DemoSms
{
public static void main(String[] args)
{
try
{
ClockWorkSmsService clockWorkSmsService = new ClockWorkSmsService("apikey");
SMS sms = new SMS("441234567890", "Hello …我正在尝试使用 Jersey 1.X 版本连接到安全的外部休息服务。
我使用了以下代码
public class MyRestClient
{
private static final String API_USER_NAME = "some value";
private static final String API_PASSWORD = "some value";
private static final String REST_URL = "https://<somevalue>";
public static void main(String[] args)
{
ClientConfig config = new DefaultClientConfig();
Client client = Client.create(config);
client.addFilter(new HTTPBasicAuthFilter(API_USER_NAME, API_PASSWORD));
WebResource webResource =
client.resource(UriBuilder.fromUri(REST_URL).build());
ClientResponse response = webResource.post(ClientResponse.class);
System.out.println(response);
}
}
但我一直打这个例外..
com.sun.jersey.api.client.ClientHandlerException: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No name matching 'somevalue' found
我检查了这个外部休息服务的 API,它说它支持基本 HTTP 身份验证,但我不知道为什么我一直遇到这个错误。
有什么想法吗?