0.背景
springMVC环境,需要在@Test方法中发送一个https请求,按照格式要求发送了,结果报错
org.springframework.web.client.ResourceAccessException: I/O error on POST request for "https://xxxx/xxx/xx: java.security.cert.CertificateException: No subject alternative names matching IP address xxxxxx found; nested exception is javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names matching IP address xxxxxx found这简单一搜索发现是不支持https,要求校验https呢。
1.解决方法
我们在程序中加入下面的引用:
import javax.net.ssl.*;
import java.nio.charset.Charset;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.X509Certificate;然后定义一个函数
private static void disableSslVerification() {
try
{
// Create a trust manager that does not validate certificate chains
TrustManager[] trustAllCerts = new TrustManager[] {new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkClientTrusted(X509Certificate[] certs, String authType) {
}
public void checkServerTrusted(X509Certificate[] certs, String authType) {
}
}
};
// Install the all-trusting trust manager
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
// Create all-trusting host name verifier
HostnameVerifier allHostsValid = new HostnameVerifier() {
public boolean verify(String hostname, SSLSession session) {
return true;
}
};
// Install the all-trusting host verifier
HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid);
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (KeyManagementException e) {
e.printStackTrace();
}
}最后,在你要发送https请求的前面调用这个函数即可:
disableSslVerification();
HttpEntity<Object> requestEntity = new HttpEntity<>(map, requestHeaders);
ResponseEntity result = getInstance("utf-8").exchange("https://xxxx/xx/xx",
HttpMethod.POST, requestEntity, String.class);