春RestTemplate I / O错误:没有对方的证书 [英] Spring RestTemplate I/O error: No peer certificate
本文介绍了春RestTemplate I / O错误:没有对方的证书的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我总是得到同样的错误whens试图得到一个HTTPS资源:
org.springframework.web.client.ResourceAccessException:I / O错误:没有对方的证书;嵌套的例外是javax.net.ssl.SSLPeerUnverifiedException:没有对方的证书
我在我的应用程序运行一个自签名的虚拟主机,应用程序正常工作的 HTTP ,但我需要 HTTPS 。
下面是Android应用我的code:
mRestTemplate =新RestTemplate();
。mRestTemplate.getMessageConverters()增加(新GsonHttpMessageConverter());
mRestTemplate.setRequestFactory(新HttpComponentsClientHtt prequestFactory());最后ResponseObject responseObject = mRestTemplate.postForObject(APP_URL,requestObject,ResponseObject.class);
更新1
-
我试图通过@nilesh提出的解决方案,并没有奏效。
-
我试过该解决方案具有相同的错误
的HttpParams PARAMS =新BasicHttpParams();
HttpProtocolParams.setVersion(参数,可以HttpVersion.HTTP_1_1);
HttpProtocolParams.setContentCharset(参数,可以HTTP.DEFAULT_CONTENT_CHARSET);
HttpProtocolParams.setUseExpectContinue(参数,可以真正的);SchemeRegistry schReg =新SchemeRegistry();
schReg.register(新计划(HTTP,PlainSocketFactory.getSocketFactory(),80));
schReg.register(新计划(https开头,SSLSocketFactory.getSocketFactory(),443));
ClientConnectionManager conMgr =新ThreadSafeClientConnManager(参数,可以schReg);客户端= DefaultHttpClient(conMgr,则params);最后HttpComponentsClientHtt prequestFactory厂=新HttpComponentsClientHtt prequestFactory();
factory.setHttpClient(客户端);mRestTemplate =新RestTemplate();
mRestTemplate.setRequestFactory(工厂); -
我试过这个解决方案没有成功,同样的错误
- 抓住所有必需的证书(根和任何中间CA的)
- 创建与密钥工具及BouncyCastle的提供者密钥库并导入证书
- 加载密钥存储在你的Android应用程序,并用它为安全连接
不要使用标准java.net.ssl.HttpsURLConnection的安全连接。使用Apache的HttpClient(版本4个大气压)库,该库已内置在Android中。它是构建在Java连接库的顶部,并且,在我看来,更快,更好的模块化,易于理解。
解决方案
使得使用RestTemplate任何HTTP请求之前运行下面的方法。这对我的作品。
公共无效trustSelfSignedSSL(){
尝试{
CTX的SSLContext = SSLContext.getInstance(TLS);
X509TrustManager TM =新X509TrustManager(){ 公共无效checkClientTrusted(x509证书[] XCS,
字符串字符串)抛出CertificateException {
} 公共无效checkServerTrusted(x509证书[] XCS,
字符串字符串)抛出CertificateException {
} 公共java.security.cert.X509Certificate [] getAcceptedIssuers()为{
返回null;
} @覆盖
公共无效checkClientTrusted(
java.security.cert.X509Certificate []为arg0,ARG1字符串)
抛出java.security.cert.CertificateException {
} @覆盖
公共无效checkServerTrusted(
java.security.cert.X509Certificate []为arg0,ARG1字符串)
抛出java.security.cert.CertificateException { }
};
ctx.init(空,新的TrustManager [] {} TM,NULL);
SSLContext.setDefault(CTX);
}赶上(例外前){
抛出新的RuntimeException(异常发生恩)
}
}
I always get the same error whens try to get a https resource:
org.springframework.web.client.ResourceAccessException: I/O error: No peer certificate; nested exception is javax.net.ssl.SSLPeerUnverifiedException: No peer certificate
I have a self-signed virtual host where my app runs, the app works fine on http but I need https.
Here is my code in android app:
mRestTemplate = new RestTemplate();
mRestTemplate.getMessageConverters().add(new GsonHttpMessageConverter());
mRestTemplate.setRequestFactory(new HttpComponentsClientHttpRequestFactory());
final ResponseObject responseObject = mRestTemplate.postForObject(APP_URL, requestObject, ResponseObject.class);
Update 1
I tried the solution proposed by @nilesh and has not worked.
I tried this solution with the same error
HttpParams params = new BasicHttpParams(); HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1); HttpProtocolParams.setContentCharset(params, HTTP.DEFAULT_CONTENT_CHARSET); HttpProtocolParams.setUseExpectContinue(params, true); SchemeRegistry schReg = new SchemeRegistry(); schReg.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80)); schReg.register(new Scheme("https", SSLSocketFactory.getSocketFactory(), 443)); ClientConnectionManager conMgr = new ThreadSafeClientConnManager(params, schReg); client = DefaultHttpClient(conMgr, params); final HttpComponentsClientHttpRequestFactory factory = new HttpComponentsClientHttpRequestFactory(); factory.setHttpClient(client); mRestTemplate = new RestTemplate(); mRestTemplate.setRequestFactory(factory);I tried this solution without success and the same error
- Grab all required certificates (root and any intermediate CA’s)
- Create a keystore with keytool and the BouncyCastle provider and import the certs
- Load the keystore in your android app and use it for the secured connections Don’t use the standard java.net.ssl.HttpsURLConnection for the secure connection. Use the Apache HttpClient (Version 4 atm) library, which is already built-in in android. It’s built on top of the java connection libraries and is, in my opinion, faster, better modularized and easier to understand.
解决方案
Run the method below before making any Http request using RestTemplate. This works for me.
public void trustSelfSignedSSL() {
try {
SSLContext ctx = SSLContext.getInstance("TLS");
X509TrustManager tm = new X509TrustManager() {
public void checkClientTrusted(X509Certificate[] xcs,
String string) throws CertificateException {
}
public void checkServerTrusted(X509Certificate[] xcs,
String string) throws CertificateException {
}
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
@Override
public void checkClientTrusted(
java.security.cert.X509Certificate[] arg0, String arg1)
throws java.security.cert.CertificateException {
}
@Override
public void checkServerTrusted(
java.security.cert.X509Certificate[] arg0, String arg1)
throws java.security.cert.CertificateException {
}
};
ctx.init(null, new TrustManager[] { tm }, null);
SSLContext.setDefault(ctx);
} catch (Exception ex) {
throw new RuntimeException("Exception occurred ",ex)
}
}
这篇关于春RestTemplate I / O错误:没有对方的证书的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
