我正在尝试创建一个有效的证书来自动访问网站。我在Java中使用HTMLUnit。
这是我的代码:
@BeforeClass
public static void init() throws IOException, InterruptedException, NoSuchAlgorithmException, UnrecoverableEntryException {
driver = new HtmlUnitDriver();
WebClient webClient = new WebClient(BrowserVersion.CHROME);
host = "192.x.x.x";
String name = "username", password = "password";
webClient.addRequestHeader(name, password);
URL url = new URL("https://"+"host"+"/<rest of url>");
try {
webClient.openWindow(url, "Main");
} catch (Exception e) {
e.printStackTrace();
}
}
站点的证书出现问题
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX 路径构建失败: sun.security.provider.certpath.sunCertPathBuilderException: 无法 查找所请求目标的有效证书路径 sun.security.ssl.Alerts.getSSLException(Alerts.java:192) at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296) at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1509) 在 sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216) at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979) at sun.security.ssl.Handshaker.process_record(握手.java:914) 在 sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375) 在 sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403) 在 sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387) 在 org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:396) 在 org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:355) 在 com.gargoylesoftware.htmlunit.httpclient.HtmlUnitSSLConnectionSocketFactory.connectSocket(HtmlUnitSSLConnectionSocketFactory.java:186) 在 org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142) 在 org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:359) 在 org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:381) 在 org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:237) 在 org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:185) 在 org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89) 在 org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:111) 在 org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185) 在 org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:72) 在 com.gargoylesoftware.htmlunit.HttpWebConnection.getResponse(HttpWebConnection.java:194) 在 com.gargoylesoftware.htmlunit.WebClient.loadWebResponseFromWebConnection(WebClient.java:1372) 在 com.gargoylesoftware.htmlunit.WebClient.loadWebResponse(WebClient.java:1291) 在 com.gargoylesoftware.htmlunit.WebClient.getPage(WebClient.java:390) 在 com.gargoylesoftware.htmlunit.WebClient.getPage(WebClient.java:311) 在 com.gargoylesoftware.htmlunit.WebClient.openWindow(WebClient.java:877) 在 com.gargoylesoftware.htmlunit.WebClient.openWindow(WebClient.java:854) 在 testExamples.SeleniumHTMLUnitHeadlessTest.init(SeleniumHTMLUnitHeadlessTest.java:274) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) 在 sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:497) at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) 在 org.testng.internal.Invoker.invokeConfigurationMethod(Invoker.java:523) at org.testng.internal.Invoker.invokeConfigurations(Invoker.java:224) at org.testng.internal.Invoker.invokeConfigurations(Invoker.java:146) 在 org.testng.internal.TestMethodWorker.invokeBeforeClassMethods(TestMethodWorker.java:166) 在 org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:105) at org.testng.TestRunner.privateRun(TestRunner.java:744) at org.testng.TestRunner.run(TestRunner.java:602) at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375)
好吧,我下载了证书并将其导入到JAVA_Home的cacerts文件中。
结果是一个例外:
javax.net.ssl.SSLPeerUnverifiedException: Certificate for <192.x.x.x> 与证书使用者的公用名不匹配: 在 org.apache.http.conn.ssl.DefaultHostnameVerifier.matchCN(DefaultHostnameVerifier.java:186) 在 org.apache.http.conn.ssl.DefaultHostnameVerifier.verify(DefaultHostnameVerifier.java:133) 在 org.apache.http.conn.ssl.DefaultHostnameVerifier.verify(DefaultHostnameVerifier.java:99) 在 org.apache.http.conn.ssl.SSLConnectionSocketFactory.verifyHostname(SSLConnectionSocketFactory.java:463) 在org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:397) 在 org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:355) 在 com.gargoylesoftware.htmlunit.httpclient.HtmlUnitSSLConnectionSocketFactory.connectSocket(HtmlUnitSSLConnectionSocketFactory.java:186) 在 org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142) 在 org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:359) 在 org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:381) 在 org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:237) 在 org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:185) 在 org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89) 在 org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:111) 在 org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185) 在 org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:72) 在 com.gargoylesoftware.htmlunit.HttpWebConnection.getResponse(HttpWebConnection.java:194) 在 com.gargoylesoftware.htmlunit.WebClient.loadWebResponseFromWebConnection(WebClient.java:1372) 在 com.gargoylesoftware.htmlunit.WebClient.loadWebResponse(WebClient.java:1291) 在 com.gargoylesoftware.htmlunit.WebClient.getPage(WebClient.java:390) 在 com.gargoylesoftware.htmlunit.WebClient.getPage(WebClient.java:311) 在 com.gargoylesoftware.htmlunit.WebClient.openWindow(WebClient.java:877) 在 com.gargoylesoftware.htmlunit.WebClient.openWindow(WebClient.java:854) 在 testExamples.SeleniumHTMLUnitHeadlessTest.init(SeleniumHTMLUnitHeadlessTest.java:274) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) 在 sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:497) at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) 在 org.testng.internal.Invoker.invokeConfigurationMethod(Invoker.java:523) at org.testng.internal.Invoker.invokeConfigurations(Invoker.java:224) at org.testng.internal.Invoker.invokeConfigurations(Invoker.java:146) 在 org.testng.internal.TestMethodWorker.invokeBeforeClassMethods(TestMethodWorker.java:166) 在 org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:105) at org.testng.TestRunner.privateRun(TestRunner.java:744) at org.testng.TestRunner.run(TestRunner.java:602) at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340)
好的,我搜索了一下,原因似乎是无效的CN。
我使用相同的 csr 内容构建了一个新证书,除了 CN(我为此使用了主机名(代码中的 ip),将其导入 JAVA_Home 年的 cacerts 文件中,然后我得到了与使用第一个证书完全相同的异常。 但我无法想象没有解决方案。你能帮我解决这个问题吗?
如果您需要更多信息,请告诉我。
多谢!
我通过关闭认证检查解决了这个问题。如果您有同样的问题,请查看以下内容:http://www.nakov.com/blog/2009/07/16/disable-certificate-validation-in-java-ssl-connections/