By

在使用https接口访问时有时会出现访问问题,如下所示的问题是在Socket访问https时出现的异常
SSLPeerUnverifiedException
javax.net.ssl.SSLPeerUnverifiedException: No peer certificate

对于https接口出现访问未验证错误亦可参考,本文介绍了如何添加网站证书的公钥进行单向认证

一、获取访问网站证书:

1、使用火狐浏览器访问服务器网站或Web官网,点击浏览器地址前的安全锁图标,点击右箭头,点击更多信息
安全链接截图
更多信息截图

2、在安全项中选择查看证书
查看证书截图

3、点击详细信息项,点导出,下边有多种格式,选择DER格式,文件存储格式为cer格式,保存位置可指定,这里保存在文稿文件夹下
导出证书截图

这时证书已导出在文稿,文件格式为cer,具体der、cer是什么可参考http://blog.sina.com.cn/s/blog_a9303fd90101jmtx.html

二、获取证书内容

打开命令终端,通过cd命令使当前目录进入到文稿文件夹下,执行命令 keytool -printcert -rfc -file baidu.cer,keytool是JDK自带的命令,baidu.cer是通过上一步火狐浏览器导出的证书,命令终端会输出证书内容,拷贝这些内容

获取证书内容命令示例

三、代码中添加证书

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
public class HttpsTrustManager {
    public static SSLContext getSSLContext(InputStream... certificates) {
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null);
            int index = 0;
            for (InputStream certificate : certificates) {
                String certificateAlias = Integer.toString(index++);
                keyStore.setCertificateEntry(certificateAlias, certificateFactory.generateCertificate(certificate));
                try {
                    if (certificate != null)
                        certificate.close();
                } catch (IOException e) {
                }
            }
            SSLContext sslContext = SSLContext.getInstance("TLS");
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            sslContext.init(null, trustManagerFactory.getTrustManagers(), new SecureRandom());
            return sslContext;
        } catch (Exception e) {
            e.printStackTrace();
        }
        return null;
    }
    //证书
    public static String CER_baidu="-----BEGIN CERTIFICATE-----\n" +
            "MIIFVzCCBD+gAwIBAgIQQKY1foNn0BsYOq8TIk8hojANBgkqhkiG9w0BAQUFADCBtTELMAkGA1UE\n" +
            "BhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBO\n" +
            "ZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29t\n" +
            "L3JwYSAoYykxMDEvMC0GA1UEAxMmVmVyaVNpZ24gQ2xhc3MgMyBTZWN1cmUgU2VydmVyIENBIC0g\n" +
            "RzMwHhcNMTUwNTI3MDAwMDAwWhcNMTUxMjI4MjM1OTU5WjCBqTELMAkGA1UEBhMCQ04xEDAOBgNV\n" +
            "BAgTB2JlaWppbmcxEDAOBgNVBAcUB2JlaWppbmcxOTA3BgNVBAoUMEJlaUppbmcgQmFpZHUgTmV0\n" +
            "Y29tIFNjaWVuY2UgVGVjaG5vbG9neSBDby4sIEx0ZDElMCMGA1UECxQcc2VydmljZSBvcGVyYXRp\n" +
            "b24gZGVwYXJ0bWVudDEUMBIGA1UEAxQLKi5iYWlkdS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IB\n" +
            "DwAwggEKAoIBAQDS4pfHYsHL5ML9ltnkLdXG5axFxAw4wkR+AohS75V1CAsFPVi4S67ZJuJAoo7+\n" +
            "CLHmakWZenwXzxysvce6bE9BT27qQe3OCwJueUX/VO8FkmiqK+A9QH9Lgl6egdw1hRV9vvX9fxiG\n" +
            "IP/RaafFrlZLtI23c+z0SfAlyWVQDfc6mnsK5MT7aDreezkDbzJ1poTVVikIJo4+UjLoWheYcJk8\n" +
            "I+3epr3Xb6I5Ga8c0JF8Yotv0gBHfbKS4lhAZjOhsqxmUJKvusNsXCOzSH9GP41QdjB3bqKPN29Q\n" +
            "qobDX25SpSOmetBnD4r77Xv+cSRQxPLTBiRPyL/9aNWPfBTe+D01AgMBAAGjggFrMIIBZzAhBgNV\n" +
            "HREEGjAYggsqLmJhaWR1LmNvbYIJYmFpZHUuY29tMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWg\n" +
            "MCsGA1UdHwQkMCIwIKAeoByGGmh0dHA6Ly9zZC5zeW1jYi5jb20vc2QuY3JsMGEGA1UdIARaMFgw\n" +
            "VgYGZ4EMAQICMEwwIwYIKwYBBQUHAgEWF2h0dHBzOi8vZC5zeW1jYi5jb20vY3BzMCUGCCsGAQUF\n" +
            "BwICMBkMF2h0dHBzOi8vZC5zeW1jYi5jb20vcnBhMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF\n" +
            "BQcDAjAfBgNVHSMEGDAWgBQNRFwWU0TBgn4dIKsl9AFj2L55pTBXBggrBgEFBQcBAQRLMEkwHwYI\n" +
            "KwYBBQUHMAGGE2h0dHA6Ly9zZC5zeW1jZC5jb20wJgYIKwYBBQUHMAKGGmh0dHA6Ly9zZC5zeW1j\n" +
            "Yi5jb20vc2QuY3J0MA0GCSqGSIb3DQEBBQUAA4IBAQAO0aL9AO6S3zEod2DDIWSz3PP+YXXQNpKF\n" +
            "9Kv4KzzFsxPjj1hdwdlMj/OcOPQ4PSeHyHCSbQ2m5vX2E+0DhUf0rwMhn4oOHQFuzqHKlWPxA51U\n" +
            "5pSJnjTpkS1Hpj7GAz0z0+b2dV7a3//rawJojk2kEog9aVw5U+9fBnXWeO3lhCtNSMrjAy/+7hGd\n" +
            "/9g59JBSSskd2yoCM0I1wJ7HK1AYoWtZRO1Ufe2I1PfbeY7k520C0x9hIEXDDVdjurHOiUU2rNz7\n" +
            "AjENeXtjpcn8ejx0V92X8ZnA00bZSrVrOYe+0L56yJxhFUm2aNeOPAaTGk7M7CwWQv0t0FhzcfT0\n" +
            "8UwL\n" +
            "-----END CERTIFICATE-----";
    /**
     * 将一个字符串转化为输入流
     */
    public static InputStream getStringStream(String sInputString){
        if (sInputString != null && !sInputString.trim().equals("")){
            try{
                ByteArrayInputStream tInputStringStream = new ByteArrayInputStream(sInputString.getBytes("UTF-8"));
                return tInputStringStream;
            }catch (Exception ex){
                ex.printStackTrace();
            }
        }
        return null;
    }
}
SSLContext sslContext= HttpsTrustManager.getSSLContext(HttpsTrustManager.getStringStream(HttpsTrustManager.CER_baidu));
HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory());

参考:http://blog.csdn.net/lmj623565791/article/details/48129405

文章目录