AppEngine:无法验证URL的SSL证书

时间:2013-09-21 12:42:36

标签: java google-app-engine ssl oauth intuit-partner-platform

我正在尝试使用他们在AppEngine(SDK 1.8.4)上托管的JAVA API V3与OAuth连接到Intuit Quickbooks。要开始使用,我只需按照其中的说明运行示例代码:http://ippdocs.intuit.com/0025_QuickBooksAPI/0055_DevKits/0201_IPP_Java_DevKit_3.0

它在TomCat上运行良好,但是当我调整代码以便在AppEngine上工作时,我收到了这个错误:

OauthHelper.java Extract,在最后一行引发异常:

import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.UnsupportedEncodingException;
import java.net.HttpURLConnection;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URLEncoder;
import java.util.HashMap;
import java.util.Map;

import oauth.signpost.OAuthConsumer;
import oauth.signpost.OAuthProvider;
import oauth.signpost.basic.DefaultOAuthConsumer;
import oauth.signpost.basic.DefaultOAuthProvider;
import oauth.signpost.exception.OAuthCommunicationException;
import oauth.signpost.exception.OAuthExpectationFailedException;
import oauth.signpost.exception.OAuthMessageSignerException;
import oauth.signpost.exception.OAuthNotAuthorizedException;
import oauth.signpost.http.HttpParameters;

[...]
URL url;
url = new URL(signedRequestTokenUrl);
HttpURLConnection httpconnection = (HttpURLConnection) url
httpconnection.setRequestMethod("GET");
httpconnection.setRequestProperty("Content-type", "application/xml");
httpconnection.setRequestProperty("Content-Length", "0");
if (httpconnection != null) {
    BufferedReader rd = new BufferedReader(new InputStreamReader(
                    httpconnection.getInputStream()));
[...]

导致此错误:

javax.net.ssl.SSLHandshakeException: Could not verify SSL certificate for URL: https://oauth.intuit.com/oauth/v1/get_request_token?oauth_signature=VzStL8UcIoDrgKdcU7jJAWaux5Y%3D&oauth_callback=http%3A%2F%2Flocalhost%3A8888%2Faccesstoken.htm&oauth_consumer_key=qyprdulFn7zfTw5ewpZhkPxSo4q27X&oauth_version=1.0&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1379761817&oauth_nonce=5706619579888946790
at com.google.appengine.api.urlfetch.URLFetchServiceImpl.convertApplicationException(URLFetchServiceImpl.java:144)
at com.google.appengine.api.urlfetch.URLFetchServiceImpl.fetch(URLFetchServiceImpl.java:43)
at com.google.apphosting.utils.security.urlfetch.URLFetchServiceStreamHandler$Connection.fetchResponse(URLFetchServiceStreamHandler.java:417)
at com.google.apphosting.utils.security.urlfetch.URLFetchServiceStreamHandler$Connection.getInputStream(URLFetchServiceStreamHandler.java:296)
at com.intuit.utils.OauthHelper.getRequestTokenSignPost(OauthHelper.java:167)

网址如下:

https://oauth.intuit.com/oauth/v1/get_request_token?oauth_signature=xxxx&oauth_callback=http%3A%2F%2Flocalhost%3A8888%2Faccesstoken.htm&oauth_consumer_key=xxxx&oauth_version=1.0&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1379768671&oauth_nonce=-78989043

完全相同的代码在TomCat 7上完美运行。

路标

我还试图取代DefaultOAuthConsumer& DefaultOAuthProvider由以下内容组成:

oauth.signpost.commonshttp.CommonsHttpOAuthProvider;
oauth.signpost.commonshttp.CommonsHttpOAuthConsumer;

,但它会产生完全相同的异常。

有什么想法吗?

1 个答案:

答案 0 :(得分:2)

在我说我尝试了一些对我来说没什么意义的东西之后,但似乎有效,试试这个:

        URLFetchService fetcher = URLFetchServiceFactory.getURLFetchService();
        FetchOptions lFetchOptions = FetchOptions.Builder.validateCertificate();
        HTTPRequest request = new HTTPRequest(url, HTTPMethod.GET, lFetchOptions);
        HTTPResponse response = fetcher.fetch(request);

对我来说,它是FetchOptions.Builder并明确设置“validateCertificate()”;看看这是否能解决它。

相关问题
最新问题