javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException:
2018-03-30 17:43
896 查看
因为Https的安全性,现在很多公司的项目开始切换Hppts,保证信息安全,对于我们程序员而言就是随之而来的适配问题。现在比较火的网络请求框架RxJava + Retrofit + OkHttp ,在我们进行网络请求时,需要区分链接是http还是https,便于进行https的校验。以下是本人遇到的https证书验证造成的问题:
在使用Glide加载图片时,部分图片无法展示,进行Debug发现在加载图片时报异常,进入了onException方法
异常详情:
javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
问题原因:
由于项目的https.bks证书不是正规的CA签发的证书,而是二级代理商等签发的证书,验证不通过造成的!!!
解决方案:
方案一:
获取正规合法的https证书,让后台上传或者存在assets中,进行应用验证,这是最根本的解决办法!
方案二:
忽略https的证书校验
具体做法:需要在获取sslParams时,修改并自定义TrustManager为trustAllCerts
在继承的Application类里面onCreat()方法中调用该方法忽略https的证书校验
8327
在使用Glide加载图片时,部分图片无法展示,进行Debug发现在加载图片时报异常,进入了onException方法
异常详情:
javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
问题原因:
由于项目的https.bks证书不是正规的CA签发的证书,而是二级代理商等签发的证书,验证不通过造成的!!!
解决方案:
方案一:
获取正规合法的https证书,让后台上传或者存在assets中,进行应用验证,这是最根本的解决办法!
方案二:
忽略https的证书校验
具体做法:需要在获取sslParams时,修改并自定义TrustManager为trustAllCerts
在继承的Application类里面onCreat()方法中调用该方法忽略https的证书校验
public static void handleSSLHandshake() { try { TrustManager[] trustAllCerts = new TrustManager[]{new X509TrustManager() { public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; } @Override public void checkClientTrusted(X509Certificate[] certs, String authType) { } @Override public void checkServerTrusted(X509Certificate[] certs, String authType) { } }}; SSLContext sc = SSLContext.getInstance("TLS"); // trustAllCerts信任所有的证书 sc.init(null, trustAllCerts, new SecureRandom()); HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() { @Override public boolean verify(String hostname, SSLSession session) { return true; } }); } catch (Exception ignored) { } }
8327
相关文章推荐
- android ksoap2 访问https javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorExce
- andorid HTTPS 不需要证书 VolleyEror: com.android.volley.NoConnectionError: javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not fou
- Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path
- 解决 javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path buildin
- javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed
- Linux下tomcat配置ssl中报错问题的解决javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateExcepti
- javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building
- javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building
- javax.net.ssl.SSLHandshakeException: com.android.org.bouncycastle.jce.exception.ExtCertPathValidator
- javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building f
- javax.net.ssl.SSLHandshakeException: org.bouncycastle.jce.exception.ExtCertPathValidatorException: I
- javax.net.ssl.SSLHandshakeException:sun.security.validator.ValidatorException: PKIX path building失败
- 调用https接口抛出javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path
- 【cas、tomcat】HTTP Status 500 - javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateExc
- javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building f
- 【转载】javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted c
- javax.net.ssl.SSLHandshakeException: sun.security.validator 问题解决,与环境有关
- 爬数据出现错误javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException
- HttpClient_javax.net.ssl.SSLHandshakeException: sun.security.validator 问题解决,与环境有关
- java.security.cert.CertPathValidatorException: timestamp check failed