出现SSLHandshakeException与OAuth认证面临
我的代码:出现SSLHandshakeException与OAuth认证面临
URL url=new URL(https url with client id and clientsecret);
HttpURLConnection connect=(HttpURLConnection) url.openConnection();
connect.setRequestMethod("POST");
connect.setRequestProperty("Content-Type","application/x-www-form-urlencoded");
connect.setDoOutput(true);
通过这个我越来越
javax.net.ssl.SSLHandshakeException:无法验证SSL证书 的URL:(我的网址)
如果试图改变HttpsURLConnection
:
URL url=new URL(https url with client id and clientsecret);
HttpsURLConnection connect=(HttpsURLConnection) url.openConnection();
connect.setRequestMethod("POST");
connect.setRequestProperty("Content-Type","application/x-www-form-urlencoded");
connect.setDoOutput(true);
我越来越
java.lang.ClassCastException: com.google.apphosting.utils.security.urlfetch.URLFetchServiceStreamHandler $连接 不能转换到javax.net.ssl.HttpsURLConnection中
我正在与GAE合作。我需要解决这个问题来获取访问令牌。 通过查看旧问题,我没有得到正确的解决方案。
当m通过“curl”尝试通过终端时,我能够获得有效的访问令牌。
curl --data "parameters like client id and client secret and the auth_code" my https url
在此之后米能够得到令牌
原来问题的有效响应由一个无法验证的SSL证书在您的域名造成的。这可能是因为证书在某种程度上不好或者因为Google没有意识到信任链的根源。您应该专注于调查您的SSL设置。
的第二个问题是由试图投的javax.net.URL
.openConnection()
(这在App Engine运行时将的com.google.apphosting.utils.security.urlfetch.URLFetchServiceStreamHandler$Connection
实例返回)javax.net.ssl.HttpsURLConnection
,它不能做的结果造成的。
嗨@尼克我试图通过执行下面的代码通过我的终端获得证书,然后它也显示像SSL握手错误。 ** echo -n | openssl s_client -connect
[Qualys SSL Labs提供了一个很棒的工具来分析您的证书](https://www.ssllabs。 COM/ssltest /)。值得一试。 – Nick
嗨尼克thanx的网址。它非常有用。 –
我相信你需要加载密钥库。这里
package com.tdi.api.brm.service;
import java.io.InputStream;
import java.security.KeyStore;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.message.BasicHttpResponse;
import org.apache.http.protocol.HTTP;
import org.apache.log4j.Logger;
import com.tdi.api.brm.servlet.InitServlet;
import com.tdi.api.brm.util.TDI_Constants;
import com.tdi.api.brm.util.TDI_Utility;
import com.tdi.common.exceptions.TDI_CommonException;
import com.tdi.common.utility.TDI_CommonConstants;
import com.tdi.restService.model.tdiapis.ProccessAccountElements;
public class TDI_IGProcessAccountServiceImpl2 extends AbstractBaseService implements TDI_IGProcessAccountService{
static final Logger LOGGER = Logger.getLogger(TDI_IGProcessAccountServiceImpl2.class);
public TDI_IGProcessAccountServiceImpl2(){
LOGGER.debug("TDI_IGProcessAccountServiceImpl: Contructor: Entered");
LOGGER.debug("TDI_IGProcessAccountServiceImpl: Contructor: Leaving");
}
public ProccessAccountElements processAccount(String payload, String environment) throws Exception{
LOGGER.debug("TDI_IGProcessAccountServiceImpl: processAccount: Entered");
ProccessAccountElements serviceResp = new ProccessAccountElements();
String xmlFilePath;
String xmlString;
String httpResponsexml;
String httpPostUri;
StringEntity stringEntity;
HttpClient httpClient = null;
HttpPost httpPost;
HttpResponse httpResponse;
HttpEntity httpEntity;
InputStream keyStoreInputStream;
String keyStoreFilePath;
String keyStorePassword;
KeyStore keyStore;
SSLSocketFactory socketFactory;
Scheme scheme;
try{
xmlFilePath = TDI_Constants.XML_TEMPLATE_DIR.concat(TDI_Constants.FORWARD_SLASH).concat(TDI_Constants.TDI_PROCESS_ACCOUNT_XML);
xmlString = TDI_Utility.readFromFile(xmlFilePath);
stringEntity = new StringEntity(payload, HTTP.UTF_8);
stringEntity.setContentType(TDI_Constants.TEXT_XML);
httpPostUri = InitServlet.getPropertyValue(environment.concat(TDI_Constants.DELIMITER_UNDERSCORE).concat(TDI_Constants.IG_PROCESS_ACCOUNT_URL1));
httpPost = new HttpPost(httpPostUri);
httpPost.setHeader(TDI_Constants.CONTENT_TYPE, TDI_Constants.CONTENT_TYPE_VALUE);
httpPost.setEntity(stringEntity);
keyStorePassword = TDI_Constants.KEY_STORE_PASSWORD;
keyStoreFilePath = TDI_Constants.BRM_SHARE.concat(TDI_Constants.FORWARD_SLASH).concat(environment).concat(TDI_Constants.DELIMITER_UNDERSCORE).concat(TDI_Constants.PROCESS_ACCOUNT_CERTIFICATE);
keyStoreInputStream = TDI_Utility.getResourceAsInputStream(keyStoreFilePath);
keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
try {
keyStore.load(keyStoreInputStream, keyStorePassword.toCharArray());
LOGGER.debug("TDI_IGProcessAccountServiceImpl: processAccount: Try: keyStore: Loaded");
}finally{
keyStoreInputStream.close();
LOGGER.debug("TDI_IGProcessAccountServiceImpl: processAccount: Try: keyStoreInputStream: Closed");
}
socketFactory = new SSLSocketFactory(keyStore);
socketFactory.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
LOGGER.debug("TDI_IGProcessAccountServiceImpl: processAccount: Try: HostnameVerifier: Set");
scheme = new Scheme(TDI_Constants.HTTPS, socketFactory, TDI_Constants.PORT_443);
LOGGER.debug("TDI_IGProcessAccountServiceImpl: processAccount: Try: Scheme: Created");
httpClient = new DefaultHttpClient();
httpClient.getConnectionManager().getSchemeRegistry().register(scheme);
LOGGER.debug("TDI_IGProcessAccountServiceImpl: processAccount: Try: HttpClient: Registered");
httpResponse = (BasicHttpResponse) httpClient.execute(httpPost);
//Capture the TDI-Service un available exception
if(httpResponse != null && httpResponse.getStatusLine().toString().contains(TDI_Constants.WEBSERVICE_UNAVAIALBLE)){
LOGGER.debug("TDI_IGProcessAccountServiceImpl: processAccount: URL : " + httpPostUri);
LOGGER.debug("TDI_IGProcessAccountServiceImpl: processAccount: httpResponse.getStatusLine() " + httpResponse.getStatusLine().toString());
throw new TDI_CommonException(TDI_Constants.WEBSERVICE_ERROR_CODE_404,TDI_Constants.IG_SERVICE_ERROR_MESSAGE_404);
}
if(httpResponse != null) {
httpEntity = httpResponse.getEntity();
httpResponsexml = TDI_Utility.getInputStreamAsString(httpEntity.getContent());
serviceResp = parseResponseXML (httpEntity, httpResponsexml);
}else{
httpResponsexml = TDI_Constants.COMMON_XML_RESPONSE_ERROR_NO_RESPONSE;
throw new TDI_CommonException(TDI_CommonConstants.ERROR_CODE_932, httpResponsexml);
}
LOGGER.debug("TDI_IGProcessAccountServiceImpl: processAccount: Try: Final: HttpResponsexml=[" + httpResponsexml + "]");
LOGGER.debug("TDI_IGProcessAccountServiceImpl: processAccount: Try: Leaving");
}catch(java.net.SocketException soe){
LOGGER.debug("TDI_IGProcessAccountServiceImpl: processAccount: Catch: Socket Exception Entered");
LOGGER.debug("TDI_IGProcessAccountServiceImpl: processAccount: Catch: Socket Exception: " + soe.getMessage());
LOGGER.debug("TDI_IGProcessAccountServiceImpl: processAccount: Catch: Socket Exception Leaving");
throw new TDI_CommonException(TDI_Constants.WEBSERVICE_ERROR_CODE_404,TDI_Constants.IG_SERVICE_ERROR_MESSAGE_404);
}catch(TDI_CommonException e){
e.printStackTrace();
LOGGER.debug("TDI_IGProcessAccountServiceImpl: processAccount: Catch: TDI_CommonException: Entered");
LOGGER.error("TDI_IGProcessAccountServiceImpl: processAccount: Catch: TDI_CommonException: " + e);
LOGGER.debug("TDI_IGProcessAccountServiceImpl: processAccount: Catch: TDI_CommonException: Leaving");
serviceResp.setRespCode(TDI_Constants.WDR_WEBSERVICE_ERROR_CODE);
serviceResp.setRespDesc(TDI_Constants.WDR_SERVICE_ERROR_MESSAGE);
throw e;
}catch(Exception e){
LOGGER.debug("TDI_IGProcessAccountServiceImpl: processAccount: Catch: Exception: Entered");
LOGGER.error("TDI_IGProcessAccountServiceImpl: processAccount: Catch: Exception: " + e);
LOGGER.debug("TDI_IGProcessAccountServiceImpl: processAccount: Catch: Exception: Leaving");
serviceResp.setRespCode(TDI_Constants.WDR_WEBSERVICE_ERROR_CODE);
serviceResp.setRespDesc(TDI_Constants.WDR_SERVICE_ERROR_MESSAGE);
throw e;
}
LOGGER.debug("TDI_IGProcessAccountServiceImpl: processAccount: Leaving");
return serviceResp;
}
}
检查方案,在此示例中:你应该保存证书并加载.jks进行连接。
嗨JRadcliffe thanx的链接,但我已经检查了,我没有得到所需的解决方案。 –
已更新,看看是否可以帮助该计划。如果你可以使用DefaultHttpClient,那可能会丢失 – JRadcliffe
即使我尝试了一些代码,我发现在http://*.com/questions/2893819/telling-java-to-accept-self-signed-ssl-certificate –
这是否发生在开发服务器上或者也在部署的应用程序? – Adam
我hv尚未在已部署的应用程序中添加此代码。我只是在当地检查。 –