hessian,SSO,CAS调用https不受信任之跳过证书验证(unable to find valid certification path to requested target )
2017-12-21 10:25
1016 查看
本人在CAS进行单点登录的时候出现了地址为https,单点不能访问系统,报错unable to find valid certification path to requested target,其最终原因是缺少安全证书时出现的异常。以下是找到的2种解决办法
解决办法一:
public class SslUtil {
public static CloseableHttpClient SslHttpClientBuild() {
Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create().register("http", PlainConnectionSocketFactory.INSTANCE).register("https", trustAllHttpsCertificates()).build();
//创建ConnectionManager,添加Connection配置信息
PoolingHttpClientConnectionManager connectionManager = new PoolingHttpClientConnectionManager(socketFactoryRegistry);
CloseableHttpClient httpClient = HttpClients.custom().setConnectionManager(connectionManager).build();
return httpClient;
}
private static SSLConnectionSocketFactory trustAllHttpsCertificates() {
SSLConnectionSocketFactory socketFactory = null;
TrustManager[] trustAllCerts = new TrustManager[1];
TrustManager tm = new miTM();
trustAllCerts[0] = tm;
SSLContext sc = null;
try {
sc = SSLContext.getInstance("TLS");//sc = SSLContext.getInstance("TLS")
sc.init(null, trustAllCerts, null);
socketFactory = new SSLConnectionSocketFactory(sc, NoopHostnameVerifier.INSTANCE);
//HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (KeyManagementException e) {
e.printStackTrace();
}
return socketFactory;
}
static class miTM implements TrustManager, X509TrustManager {
public X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkServerTrusted(X509Certificate[] certs, String authType) {
//don't check
}
public void checkClientTrusted(X509Certificate[] certs, String authType) {
//don't check
}
}
}
解决办法二:
http://blog.csdn.net/faye0412/article/details/6883879
解决办法一:
public class SslUtil {
public static CloseableHttpClient SslHttpClientBuild() {
Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create().register("http", PlainConnectionSocketFactory.INSTANCE).register("https", trustAllHttpsCertificates()).build();
//创建ConnectionManager,添加Connection配置信息
PoolingHttpClientConnectionManager connectionManager = new PoolingHttpClientConnectionManager(socketFactoryRegistry);
CloseableHttpClient httpClient = HttpClients.custom().setConnectionManager(connectionManager).build();
return httpClient;
}
private static SSLConnectionSocketFactory trustAllHttpsCertificates() {
SSLConnectionSocketFactory socketFactory = null;
TrustManager[] trustAllCerts = new TrustManager[1];
TrustManager tm = new miTM();
trustAllCerts[0] = tm;
SSLContext sc = null;
try {
sc = SSLContext.getInstance("TLS");//sc = SSLContext.getInstance("TLS")
sc.init(null, trustAllCerts, null);
socketFactory = new SSLConnectionSocketFactory(sc, NoopHostnameVerifier.INSTANCE);
//HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (KeyManagementException e) {
e.printStackTrace();
}
return socketFactory;
}
static class miTM implements TrustManager, X509TrustManager {
public X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkServerTrusted(X509Certificate[] certs, String authType) {
//don't check
}
public void checkClientTrusted(X509Certificate[] certs, String authType) {
//don't check
}
}
}
解决办法二:
http://blog.csdn.net/faye0412/article/details/6883879
相关文章推荐
- Java进行https请求需要证书的问题 unable to find valid certification path to requested target
- Java调用https服务报错unable to find valid certification path to requested target的解决方法
- 访问HTTPS时SSL/TLS证书拒绝问题 : unable to find valid certification path to requested target
- Java调用https服务报错unable to find valid certification path to requested target的解决方法
- 使用restful请求https身份不通过, unable to find valid certification path to requested target,使用java生成签名证书
- 请求https错误: unable to find valid certification path to requested target
- 请求https错误: unable to find valid certification path to requested target
- 【cas、tomcat】SunCertPathBuilderException: unable to find valid certification path to requested target
- https请求报错解决: unable to find valid certification path to requested target
- HTTPS中SunCertPathBuilderException: unable to find valid certification path to requested target
- 现https协议的服务异常:'unable to find valid certification path to requested target'
- 解决HttpClient访问https(包括通过http代理)出现unable to find valid certification path to requested target的问题
- https编程遇到PKIX:unable to find valid certification path to requested target 的问题
- tomcat异常:unable to find valid certification path to requested target
- 解决PKIX:unable to find valid certification path to requested target 的问题
- 解决PKIX:unable to find valid certification path to requested target 的问题
- 解决PKIX问题:unable to find valid certification path to requested target
- 解决PKIX:unable to find valid certification path to requested target 的问题
- 解决PKIX:unable to find valid certification path to requested target 的问题
- unable to find valid certification path to requested target 的简单解决办法