我在下面的代码中遇到安全证书错误(source)。例外是:
javax.net.ssl.SSLHandshakeException:sun.security.validator.ValidatorException:PKIX路径构建失败:sun.security.provider.certpath.SunCertPathBuilderException:无法找到所请求目标的有效证书路径
引起:sun.security.provider.certpath.SunCertPathBuilderException:无法找到所请求目标的有效证书路径。
如何禁用安全证书检查?
import com.gargoylesoftware.htmlunit.FailingHttpStatusCodeException;
import com.gargoylesoftware.htmlunit.Page;
import com.gargoylesoftware.htmlunit.WebClient;
import com.gargoylesoftware.htmlunit.html.DomNode;
import com.gargoylesoftware.htmlunit.html.HtmlElement;
import com.gargoylesoftware.htmlunit.html.HtmlFileInput;
import com.gargoylesoftware.htmlunit.html.HtmlForm;
import com.gargoylesoftware.htmlunit.html.HtmlPage;
import com.gargoylesoftware.htmlunit.html.HtmlPasswordInput;
import com.gargoylesoftware.htmlunit.html.HtmlSubmitInput;
import com.gargoylesoftware.htmlunit.html.HtmlTextInput;
public class WebRobot {
public static void login(String username, String password) {
String loginUrl = "http://example.com";
int loginFormNum = 1;
String usernameInputName = "nameinput";
String passwordInputName = "passinput";
String submitLoginButtonValue = "Sign In";
// create the HTMLUnit WebClient instance
WebClient wclient = new WebClient();
// configure WebClient based on your desired
wclient.getOptions().setPrintContentOnFailingStatusCode(false);
wclient.getOptions().setCssEnabled(false);
wclient.getOptions().setThrowExceptionOnFailingStatusCode(false);
wclient.getOptions().setThrowExceptionOnScriptError(false);
try {
// get the login page by connect to the URL
final HtmlPage loginPage = (HtmlPage)wclient.getPage(loginUrl);
// get the login form by its form number. mine is 1 (form[1])
final HtmlForm loginForm = loginPage.getForms().get(loginFormNum);
// get the text input field by the name and set the value
final HtmlTextInput txtUser = loginForm.getInputByName(usernameInputName);
txtUser.setValueAttribute(username);
// get the password input field by the name and set the value
final HtmlPasswordInput txtpass = loginForm.getInputByName(passwordInputName);
txtpass.setValueAttribute(password);
// get the submit button by the text value
final HtmlSubmitInput submitLogin = loginForm.getInputByValue(submitLoginButtonValue);
// after we set the name & password then we click the submit button
// it will return a page (redirect or message alert or somethin, different sites different behaviour)
// or it could throws an exception
final HtmlPage returnPage = submitLogin.click();
// we can analyze the return page based on the body
// ex: mine is check if its body contains less than 5 elements
final HtmlElement returnBody = returnPage.getBody();
if (returnBody==null || returnBody.getChildElementCount()<5) {
// bla.. bla.. bla..
}
} catch(FailingHttpStatusCodeException e) {
e.printStackTrace();
} catch(Exception e) {
e.printStackTrace();
}
}
}
答案 0 :(得分:0)
看看如何(其中一个):
请记住,除非在适当的受信任环境(客户端和服务器)中完成,否则步骤2可能是潜在的安全风险,并且步骤3完全取消SSL提供的安全功能。在选择之前,请确保您知道最终想要达到的目标。
此外,由于最近发现的POODLE漏洞,请避免使用SSL3。
答案 1 :(得分:0)
在此之前,您必须添加以下代码:
System.setProperty("jsse.enableSNIExtension", "false");
之前的行:
// get the login page by connect to the URL
final HtmlPage loginPage = (HtmlPage) wclient.getPage(loginUrl);
如果你不这样做,你会收到错误:
javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name
然后,根据您使用的WebClient类的版本,尝试以下代码行之一:
wclient.setUseInsecureSSL(true);
wclient.getOptions().setUseInsecureSSL(true);
注意 - 禁用安全性非常危险。所以不要在生产代码中这样做。