大佬教程收集整理的这篇文章主要介绍了如何修复“java.security.cert.CertificateException:No subject alternative names present”错误?,大佬教程大佬觉得挺不错的,现在分享给大家,也给大家做个参考。
我将以下代码放入ISomeservice
该类中:
static {
disableSslVerification();
}
private static voID disableSslVerification() {
try
{
// Create a trust manager that does not valIDate certificate chains
TrustManager[] trustAllCerts = new TrustManager[] {new x509trustmanager() {
public java.security.cert.X509Certificate[] getAcceptedissuers() {
return null;
}
public voID checkClIEntTrusted(X509Certificate[] certs, String authTypE) {
}
public voID checkServerTrusted(X509Certificate[] certs, String authTypE) {
}
}
};
// Install the all-trusTing trust manager
SSLContext sc = SSLContext.geTinstance("SSL");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
httpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
// Create all-trusTing host name verifIEr
HostnameVerifIEr allHostsValID = new HostnameVerifIEr() {
public Boolean verify(String hostname, SSLSession session) {
return true;
}
};
// Install the all-trusTing host verifIEr
httpsURLConnection.setDefaultHostnameVerifIEr(allHostsValID);
} catch (NoSuchAlgorithmException E) {
e.printstacktrace();
} catch (Keymanagementexception E) {
e.printstacktrace();
}
}
由于我https://AAA.bBB.CCC.DDD:9443/ISomeservice
仅将它们用于测试目的,所以这是一个足够好的解决方案。
我有一个Java Web服务客户端,该客户端通过httpS使用Web服务。
import javax.xml.ws.service;
@WebserviceClient(name = "ISomeservice",targetNamespace = "http://tempuri.org/",wsdlLOCATIOn = "...")
public class ISomeservice
extends service
{
public ISomeservice() {
super(__getWsdlLOCATIOn(),ISOMEserviCE_QName);
}
当我连接到服务URL(https://AAA.bBB.CCC.DDD:9443/ISomeservice)时,出现异常java.security.cert.CertificateException: No subject alternative names present。
要解决此问题,我首先运行openssl s_client -showcerts -connect AAA.bBB.CCC.DDD:9443 > certs.txt
并在file中获取以下内容certs.txt
:
CONNECTED(00000003)
---
Certificate chain
0 s:/CN=someSubdomain.someorganisation.com
i:/CN=someSubdomain.someorganisation.com
-----BEGIN CERTIFICATE-----
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
-----END CERTIFICATE-----
---
Server certificate
subject=/CN=someSubdomain.someorganisation.com
issuer=/CN=someSubdomain.someorganisation.com
---
No client certificate CA names sent
---
SSL handshake has read 489 bytes and written 236 bytes
---
New,TLSv1/SSLv3,Cipher is RC4-MD5
Server public key is 512 bit
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1
Cipher : RC4-MD5
Session-ID: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Session-ID-ctx:
Master-Key: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Key-Arg : None
Start Time: 1382521838
Timeout : 300 (seC)
Verify return code: 21 (unable to verify the first certificatE)
---
AFAIK,现在我需要
以上是大佬教程为你收集整理的如何修复“java.security.cert.CertificateException:No subject alternative names present”错误?全部内容,希望文章能够帮你解决如何修复“java.security.cert.CertificateException:No subject alternative names present”错误?所遇到的程序开发问题。
如果觉得大佬教程网站内容还不错,欢迎将大佬教程推荐给程序员好友。
本图文内容来源于网友网络收集整理提供,作为学习参考使用,版权属于原作者。
如您有任何意见或建议可联系处理。小编QQ:384754419,请注明来意。