我正在尝试使用spring Rest模板连接到远程服务器(https:pathtoremotehost)并获取证书异常。我已通过以下使用keytool的命令将远程主机的证书添加到cacerts中,但错误仍然存在
keytool -importcert -file myapp.cer -alias myapp -keystore "C:\Program Files\Java\jre1.8.0_161\lib\security\cacerts" -storepass changeit
这是我的代码:
@Autowired
RestTemplate restTemplate;
final String ROOT_URI = "https://<<path to remote host>>";
@Override
public Token generateToken() {
JSONObject request = new JSONObject();
try {
request.put("username","username");
request.put("password", "password");
} catch (JSONException e) {
e.printStackTrace();
}
// set headers
HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.APPLICATION_JSON);
HttpEntity<String> entity = new HttpEntity<String>(request.toString(), headers);
ResponseEntity<Token> loginResponse = restTemplate.exchange(ROOT_URI, HttpMethod.POST, entity, Token.class);
System.out.println(loginResponse);
return loginResponse.getBody() ;
}
application.properties
server.ssl.trust-store=C:\\Program Files\\Java\\jre1.8.0_161\\lib\\security\\cacerts
server.ssl.key-password=changeit
以下是我的例外情况
Exception in thread "main" org.springframework.web.client.ResourceAccessException: I/O error on POST request for "https://<<pathtoremotehost>>/login": java.security.cert.CertificateException: No name matching <<remotehost>> found; nested exception is javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No name matching <<remotehost>> found
at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:732)
at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:680)
at org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:600)
at com.myservice.UserServiceImpl.login(UserServiceImpl.java:88)
at com.myservice.MyApplication.main(MyApplication.java:23)
Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No name matching <<remotehostname>> found
at sun.security.ssl.Alerts.getSSLException(Unknown Source)
at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)
at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
at sun.security.ssl.Handshaker.processLoop(Unknown Source)
at sun.security.ssl.Handshaker.process_record(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(Unknown Source)
at org.springframework.http.client.SimpleBufferingClientHttpRequest.executeInternal(SimpleBufferingClientHttpRequest.java:76)
at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48)
at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:53)
at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:723)
... 4 more
Caused by: java.security.cert.CertificateException: No name matching <<remotehost>> found
at sun.security.util.HostnameChecker.matchDNS(Unknown Source)
at sun.security.util.HostnameChecker.match(Unknown Source)
at sun.security.ssl.X509TrustManagerImpl.checkIdentity(Unknown Source)
at sun.security.ssl.X509TrustManagerImpl.checkIdentity(Unknown Source)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
... 19 more