连接到URL时,Peer未经过身份验证

时间:2013-07-25 15:19:24

标签: java authentication

原谅我的无知,我真的不知道我在做什么,因为这是我的第一个网络程序。我知道我尝试访问的服务器不需要验证,因为有人帮我编辑了删除了身份验证过滤器的web.xml文件。但是,当尝试连接到URL时,我收到此错误:

Exception in thread "main" javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
    at sun.security.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:397)
    at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:126)
    at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:437)
    at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:180)
    at org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:294)
    at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:643)
    at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:479)
    at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:906)
    at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:805)
    at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:784)
    at ParseTesting.AccessURL.main(AccessURL.java:74)

如果您有任何想法,请按照我的方式通过。这是来源:

package ParseTesting;

import java.io.InputStreamReader;
import java.io.OutputStream;
import java.io.Reader;
import java.net.HttpURLConnection;
import java.net.URL;
import java.net.URLConnection;

import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

import org.apache.commons.codec.binary.Base64;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.util.EntityUtils;

import java.security.cert.X509Certificate;


public class AccessURL {
    public static void main(String[] args) throws Exception {
        //final String server = "https://myurl.edited.for.web.post";
        final String username = "admin";
        final String password = "password";


        DefaultHttpClient client =  new DefaultHttpClient();


        HttpGet  httpget = new HttpGet(server);

        String authString = "admin:dangerous";
        System.out.println("auth string: " + authString);
        byte[] authEncBytes = Base64.encodeBase64(authString.getBytes());
        String authStringEnc = new String(authEncBytes);
        System.out.println("Base64 encoded auth string: " + authStringEnc);

        httpget.addHeader("Authorization", "Basic " + authStringEnc);
        HttpResponse response = client.execute(httpget);
        System.out.println(response);

        HttpEntity entity = response.getEntity();
        String str = EntityUtils.toString(entity);
        }
}

1 个答案:

答案 0 :(得分:0)

远程主机的SSL证书无法使用Java客户端可用的CA证书对已知的CA根目录进行验证。如果远程主机使用自签名证书,则需要将私有CA证书添加到Java客户端的密钥库。如果是商业证书,请将相应的根CA证书添加到密钥库。