HTTPs HTTPURLConnection问题

时间:2015-04-12 18:33:22

标签: java rest ssl httpurlconnection

我有一个REST API说https://testing.com/ap//v1/test/23123。 这是我的Java代码:

URL restServiceURL = new URL(targetURL);

Proxy proxy = new Proxy(Proxy.Type.HTTP, new InetSocketAddress("100.3.4.54", 9128));
HttpURLConnection httpConnection = (HttpURLConnection) restServiceURL.openConnection(proxy);
httpConnection.setRequestMethod("GET");
httpConnection.setRequestProperty("Accept", "application/json");

if (httpConnection.getResponseCode() != 200) {
    throw new RuntimeException("HTTP GET Request Failed with Error code : "
            + httpConnection.getResponseCode());
}

BufferedReader responseBuffer = new BufferedReader(new InputStreamReader(
        (httpConnection.getInputStream())));

这会抛出一个java异常:

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: CA key usage check failed: keyCertSign bit is not set
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1591)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:187)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:181)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:975)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:123)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1096)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1123)

有没有办法绕过这个https验证?解决这个问题的最佳方法是什么?

1 个答案:

答案 0 :(得分:0)

服务器证书无效。提交的签名证书不是签名证书,也就是说它没有设置keyCertSign位。