javax.net.ssl.SSLPeerUnverifiedException: No peer certificate【已解决】

最新推荐文章于 2024-05-15 19:47:08 发布
最新推荐文章于 2024-05-15 19:47:08 发布 · 430 阅读 · 0
文章标签:

#移动开发 #java

本文详细介绍了使用新浪微博Android SDK进行分享操作时遇到的SSL证书验证错误,并提供了具体的解决方案,包括添加信任管理器和必要的权限。

新浪微博 Android SDK 分享时出错,错误信息:

javax.net.ssl.SSLPeerUnverifiedException: No peer certificate
com.weibo.net.WeiboException: javax.net.ssl.SSLPeerUnverifiedException: No peer certificate
	at com.weibo.net.Utility.openUrl(Utility.java:352)
	at com.weibo.net.Utility.openUrl(Utility.java:286)
	at com.weibo.net.Weibo.request(Weibo.java:149)
	at com.weibo.net.AsyncWeiboRunner$1.run(AsyncWeiboRunner.java:46)
	at com.weibo.net.AsyncWeiboRunner.request(AsyncWeiboRunner.java:52)


我看在Utility类中已经有了下面这段代码,不知道为什么还会出错.. Mark一下先


public static HttpClient getNewHttpClient(Context context) {
        try {
            KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
            trustStore.load(null, null);

            SSLSocketFactory sf = new MySSLSocketFactory(trustStore);
            sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);

            HttpParams params = new BasicHttpParams();

            HttpConnectionParams.setConnectionTimeout(params, 10000);
            HttpConnectionParams.setSoTimeout(params, 10000);

            HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
            HttpProtocolParams.setContentCharset(params, HTTP.UTF_8);

            SchemeRegistry registry = new SchemeRegistry();
            registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
            registry.register(new Scheme("https", sf, 443));

            ClientConnectionManager ccm = new ThreadSafeClientConnManager(params, registry);

            // Set the default socket timeout (SO_TIMEOUT) // in
            // milliseconds which is the timeout for waiting for data.
            HttpConnectionParams.setConnectionTimeout(params, Utility.SET_CONNECTION_TIMEOUT);
            HttpConnectionParams.setSoTimeout(params, Utility.SET_SOCKET_TIMEOUT);
            HttpClient client = new DefaultHttpClient(ccm, params);
            WifiManager wifiManager = (WifiManager) context.getSystemService(Context.WIFI_SERVICE);
            if (!wifiManager.isWifiEnabled()) {
                // 获取当前正在使用的APN接入点
                Uri uri = Uri.parse("content://telephony/carriers/preferapn");
                Cursor mCursor = context.getContentResolver().query(uri, null, null, null, null);
                if (mCursor != null && mCursor.moveToFirst()) {
                    // 游标移至第一条记录,当然也只有一条
                    String proxyStr = mCursor.getString(mCursor.getColumnIndex("proxy"));
                    if (proxyStr != null && proxyStr.trim().length() > 0) {
                        HttpHost proxy = new HttpHost(proxyStr, 80);
                        client.getParams().setParameter(ConnRouteParams.DEFAULT_PROXY, proxy);
                    }
                    mCursor.close();
                }
            }
            return client;
        } catch (Exception e) {
            return new DefaultHttpClient();
        }
    }

    public static class MySSLSocketFactory extends SSLSocketFactory {
        SSLContext sslContext = SSLContext.getInstance("TLS");

        public MySSLSocketFactory(KeyStore truststore) throws NoSuchAlgorithmException,
                KeyManagementException, KeyStoreException, UnrecoverableKeyException {
            super(truststore);

            TrustManager tm = new X509TrustManager() {
                public void checkClientTrusted(X509Certificate[] chain, String authType)
                        throws CertificateException {
                }

                public void checkServerTrusted(X509Certificate[] chain, String authType)
                        throws CertificateException {
                }

                public X509Certificate[] getAcceptedIssuers() {
                    return null;
                }
            };

            sslContext.init(null, new TrustManager[] { tm }, null);
        }

        @Override
        public Socket createSocket(Socket socket, String host, int port, boolean autoClose)
                throws IOException, UnknownHostException {
            return sslContext.getSocketFactory().createSocket(socket, host, port, autoClose);
        }

        @Override
        public Socket createSocket() throws IOException {
            return sslContext.getSocketFactory().createSocket();
        }
    }


最终我发现,原因是缺少个权限:

<uses-permission android:name="android.permission.ACCESS_WIFI_STATE" />

新浪微博这个Android SDK写的也太差了, 好歹出个日志呢!浪费了我2个小时!

    public static HttpClient getNewHttpClient(Context context) {
        try {
            KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
            trustStore.load(null, null);

            SSLSocketFactory sf = new MySSLSocketFactory(trustStore);
            sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);

            HttpParams params = new BasicHttpParams();

            HttpConnectionParams.setConnectionTimeout(params, 10000);
            HttpConnectionParams.setSoTimeout(params, 10000);

            HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
            HttpProtocolParams.setContentCharset(params, HTTP.UTF_8);

            SchemeRegistry registry = new SchemeRegistry();
            registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
            registry.register(new Scheme("https", sf, 443));

            ClientConnectionManager ccm = new ThreadSafeClientConnManager(params, registry);

            // Set the default socket timeout (SO_TIMEOUT) // in
            // milliseconds which is the timeout for waiting for data.
            HttpConnectionParams.setConnectionTimeout(params, Utility.SET_CONNECTION_TIMEOUT);
            HttpConnectionParams.setSoTimeout(params, Utility.SET_SOCKET_TIMEOUT);
            HttpClient client = new DefaultHttpClient(ccm, params);
            WifiManager wifiManager = (WifiManager) context.getSystemService(Context.WIFI_SERVICE);
            if (!wifiManager.isWifiEnabled()) {
                // 获取当前正在使用的APN接入点
                Uri uri = Uri.parse("content://telephony/carriers/preferapn");
                Cursor mCursor = context.getContentResolver().query(uri, null, null, null, null);
                if (mCursor != null && mCursor.moveToFirst()) {
                    // 游标移至第一条记录,当然也只有一条
                    String proxyStr = mCursor.getString(mCursor.getColumnIndex("proxy"));
                    if (proxyStr != null && proxyStr.trim().length() > 0) {
                        HttpHost proxy = new HttpHost(proxyStr, 80);
                        client.getParams().setParameter(ConnRouteParams.DEFAULT_PROXY, proxy);
                    }
                    mCursor.close();
                }
            }
            return client;
        } catch (Exception e) {
            Log.e(TAG, e.getMessage(), e);
            return new DefaultHttpClient();
        }
    }




iteye_19606
关注
javax.net.ssl.SSLPeerUnverifiedException
老阿姨的博客
03-28 1332
【代码】javax.net.ssl.SSLPeerUnverifiedException
javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
程序员精进之路
04-06 4660
出现此情况基本原因就是SSL证书的问题,有的时候访问成功有的时候访问失败 失败的代码: /** * post请求 * * @param url * @param json * @return */ public static JSONObject doPost(String url, String json) { ...
android javax.net.ssl.SSLPeerUnverifiedException: No peer certificate
蓝花花的天空
05-10 218
[color=red][b]最近做项目,界面有选择使用SSL登陆或非SSL登陆,发现本来可以登陆的程序刷系统或者换机器登陆不了,痛苦了好一会儿,解决了,如下为解决方案,项目中用的挺帅的 第一步:编写SSLSocketFactoryEx,以代替原有的SSLSocketFactory,代码如下 import org.apache.http.conn.ssl.SSLSocketFactory; ...
javax.net.ssl.SSLPeerUnverifiedException: No peer certificate
我叫小杜的专栏
04-06 1391
javax.net.ssl.SSLPeerUnverifiedException: No peer certificate做兼容性测试的时候,有部分手机会报ssl错误,各搜索,发现大部分都是直接绕过,也就是信任所有的证书,但是这种方法明显不符合规格 在下面着呢链接,找到了答案 http://stackoverflow.com/questions/18126372/safely-fixing-ja
Glide Caused by: javax.net.ssl.SSLPeerUnverifiedException: Hostname not verified:
345丶
02-26 1832
原因是由于服务器不被信任引起的 解决办法: 在 Application 的 onCreate 方法中调用下面方法即可 private fun handleSSLHandshake() { try { val trustAllCerts: Array<TrustManager> = arrayOf(object : X509TrustManager { override fun checkClientTrusted(
javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException
yzpbright的博客
03-30 9073
使用的是okhttp,https请求报异常: Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found. at org.conscrypt.ConscryptFileDescriptorSocket.startHandshake(ConscryptFileDescriptorS
解决间歇性 SSLPeerUnverifiedException 问题
qq_33326733的博客
05-15 1307
间歇性的问题可能由于多个原因引起,本文提供了几种潜在的解决方案。通过强制使用特定版本的 TLS 协议、确保证书配置正确、升级 JVM 和使用最新版本的okhttp3库,您可以显著减少或解决这个问题。希望这些建议能帮助您解决问题。如果有进一步的问题或需要更详细的帮助,请随时联系。
javax net ssl SSLPeerUnverifiedException No peer certificat
qq_44912644的博客
04-21 448
javax net ssl SSLPeerUnverifiedException No peer certificat
Android javax.net.ssl.SSLPeerUnverifiedException: No peer certificate
不 ' 二
08-11 2337
01-15 11:55:39.220 18438-18459/cn.deardaisy.daisy W/System.err﹕ javax.net.ssl.SSLPeerUnverifiedException: No peer certificate 01-15 11:55:39.220 18438-18459/cn.deardaisy.daisy W/System.err﹕ at org.a
android 5.0 SSL Socket exception javax.net.ssl.SSLPeerUnverifiedException: No peer certificate
love android
12-26 2248
更新到最新版本的android 5.0版本 测试我的app,当我使用 api调用 Https 访问的时候报如下的错误. javax.net.ssl.SSLPeerUnverifiedException: No peer certificate 11-26 15:35:01.919: W/System.err(353): at com.android.org.conscrypt.SS
安卓接sdk时javax.net.ssl.SSLPeerUnverifiedException: No peer certificate的问题
shiou_sky的专栏
10-21 2796
接sdk时候发现you
Android QQ授权时 javax.net.ssl.SSLPeerUnverifiedException: No peer certificate
Kenway090704的博客
06-28 713
最近在开发项目的时候发现,授权登录QQ,可以获取Openid,但是无法获取用户信息,报错如下,原因现在还未查明,如果有小伙伴知道的话,请留言告知,本人也在查询解决中:E/openSDK_LOG.HttpUtils: OpenApi requestAsync IOException
新浪微博:javax.net.ssl.SSLPeerUnverifiedException: No peer certificate
LVXIANGAN的专栏
12-19 4460
问题在与  Utility类的getNewHttpClient方法 context.getSystemService(Context.WIFI_SERVICE); 访问了WIFI设备,但没有此权限会抛出异常,但该Coder在Catch返回了个DefaultHttpClient,导致异常抛出的是javax.net.ssl.SSLPeerUnverifiedException: No peer cer
第三方登录和绑定新浪WeiboException: javax.net.ssl.SSLPeerUnverifiedException: No peer certificate
红旺永福
10-30 1641
公司项目需要接入新浪微博,研究了三天了,一直没成果,遇到一个问题一直卡死,不知道怎么处理,经过千方百计的寻找、试验,终于找到解决办法,真可谓唐僧取经,历尽九九八十一难,结果如下,授权登录成功,获取到用户信息,解决办法分享如下: javax.net.ssl.SSLPeerUnverifiedException: No" title="第三方登录和绑定新浪WeiboException: java
Javajavax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
一些平时在开发过程中遇到的常见问题,分享给大家
01-29 1999
​此代码在本地开发环境正常运行,但是在服务器上mHttpClient.execute会报错: Exception in thread "main" javax.NET.ssl.SSLPeerUnverifiedException: peer not authenticated
springboot rabbitmq javax.net.ssl.SSLHandshakeException: No trusted certificate found
最新发布
06-13
### Spring Boot与RabbitMQ中的SSL握手异常解决方案 在Spring Boot与RabbitMQ集成时,如果出现`javax.net.ssl.SSLHandshakeException: No trusted certificate found`的异常,通常表明客户端无法验证服务器提供的SSL证书。以下是解决此问题的详细方法: #### 1. 配置RabbitMQ服务器以支持SSL 确保RabbitMQ服务器已正确配置SSL/TLS。需要生成一个有效的SSL证书,并将其添加到RabbitMQ的配置文件中[^1]。以下是一个典型的RabbitMQ SSL配置示例: ```plaintext listeners.ssl.default = 5671 ssl_options.cacertfile = /path/to/ca_certificate.pem ssl_options.certfile = /path/to/server_certificate.pem ssl_options.keyfile = /path/to/private_key.pem ssl_options.verify = verify_peer ssl_options.fail_if_no_peer_cert = false ``` #### 2. 导入服务器证书到Java信任库 在Spring Boot应用程序中,必须将RabbitMQ服务器的SSL证书导入到Java的信任库(TrustStore)中。以下是具体步骤: - 使用`keytool`命令将服务器证书导入到Java的信任库: ```bash keytool -import -alias rabbitmq-server -keystore $JAVA_HOME/lib/security/cacerts -file server_certificate.pem ``` 默认密码为`changeit`,但可能因环境而异。 #### 3. 配置Spring Boot应用程序以支持SSL 在Spring Boot中,可以通过配置`application.properties`或`application.yml`文件来启用SSL连接。例如,在`application.properties`中添加以下内容: ```properties spring.rabbitmq.host=localhost spring.rabbitmq.port=5671 spring.rabbitmq.username=guest spring.rabbitmq.password=guest spring.rabbitmq.ssl.enabled=true ``` 如果需要自定义信任库路径和密码,可以设置以下属性: ```properties spring.rabbitmq.ssl.trust-store=/path/to/truststore.jks spring.rabbitmq.ssl.trust-store-password=your_truststore_password ``` #### 4. 自定义RabbitMQ连接工厂 如果上述配置仍无法解决问题,可以通过编程方式自定义RabbitMQ的连接工厂。以下是一个代码示例: ```java import org.springframework.amqp.rabbit.connection.CachingConnectionFactory; import org.springframework.amqp.rabbit.connection.ConnectionFactory; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import javax.net.ssl.TrustManagerFactory; import java.io.FileInputStream; import java.security.KeyStore; @Configuration public class RabbitMqConfig { @Bean public ConnectionFactory rabbitConnectionFactory() throws Exception { CachingConnectionFactory connectionFactory = new CachingConnectionFactory(); connectionFactory.setHost("localhost"); connectionFactory.setPort(5671); connectionFactory.setUsername("guest"); connectionFactory.setPassword("guest"); // 加载信任库 KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); try (FileInputStream fis = new FileInputStream("/path/to/truststore.jks")) { trustStore.load(fis, "your_truststore_password".toCharArray()); } TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); tmf.init(trustStore); connectionFactory.useSslProtocol(tmf.getTrustManagers()); return connectionFactory; } } ``` #### 5. 验证证书链 如果仍然遇到`No trusted certificate found`错误,可能是证书链不完整。确保服务器证书包含完整的中间证书链,并将其导出为单个PEM文件。例如: ```bash cat intermediate_ca.pem root_ca.pem > full_chain.pem ``` 然后更新RabbitMQ的`ssl_options.certfile`配置为新的完整链文件。 --- ### 总结 通过正确配置RabbitMQ服务器的SSL选项、将服务器证书导入Java信任库以及在Spring Boot应用程序中启用SSL支持,可以有效解决`javax.net.ssl.SSLHandshakeException: No trusted certificate found`问题[^2]。 ---
评论
成就一亿技术人!
拼手气红包6.0元
还能输入1000个字符
 
红包 添加红包
表情包 插入表情
表情包 代码片
 条评论被折叠 查看
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值