0.背景

springMVC环境,需要在@Test方法中发送一个https请求,按照格式要求发送了,结果报错


org.springframework.web.client.ResourceAccessException: I/O error on POST request for "https://xxxx/xxx/xx: java.security.cert.CertificateException: No subject alternative names matching IP address xxxxxx found; nested exception is javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names matching IP address xxxxxx found

这简单一搜索发现是不支持https,要求校验https呢。

1.解决方法

我们在程序中加入下面的引用:

import javax.net.ssl.*;
import java.nio.charset.Charset;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.X509Certificate;
然后定义一个函数
 private static void disableSslVerification() {
        try
        {
            // Create a trust manager that does not validate certificate chains
            TrustManager[] trustAllCerts = new TrustManager[] {new X509TrustManager() {
                public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                    return null;
                }
                public void checkClientTrusted(X509Certificate[] certs, String authType) {
                }
                public void checkServerTrusted(X509Certificate[] certs, String authType) {
                }
            }
            };

            // Install the all-trusting trust manager
            SSLContext sc = SSLContext.getInstance("SSL");
            sc.init(null, trustAllCerts, new java.security.SecureRandom());
            HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());

            // Create all-trusting host name verifier
            HostnameVerifier allHostsValid = new HostnameVerifier() {
                public boolean verify(String hostname, SSLSession session) {
                    return true;
                }
            };

            // Install the all-trusting host verifier
            HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid);
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        } catch (KeyManagementException e) {
            e.printStackTrace();
        }
    }

最后,在你要发送https请求的前面调用这个函数即可:

  disableSslVerification();
            HttpEntity<Object> requestEntity = new HttpEntity<>(map, requestHeaders);
            ResponseEntity result = getInstance("utf-8").exchange("https://xxxx/xx/xx",
                    HttpMethod.POST, requestEntity, String.class);