我有www.billiving.com API的集成测试套件。当该API调用端点应为https://www.billiving.com时。
我的测试套件在Windows上完美运行。但是当它移动到ubuntu 14.x时,它会因以下异常而失败。 [1]
所以我写了这个[2]代码来测试它超出了测试套件。它仍然以相同的例外失败。
因此我尝试将billiving.com证书导入JKS,但仍然失败并出现相同的异常。
我知道作为解决方案,我们可以覆盖Verifier类中的verify方法并返回true。但我需要适当的解决方案,因为这会导致安全问题。
1)为什么这个错误以及为什么它只能在linux上运行。2)我们如何通过适当的解决方案来解决这个问题
API网址: https://www.billiving.com/
[1]例外:
> javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative DNS
> name matching www.billiving.com found. at
> com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
> at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1747)
> at
> com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:241)
> at
> com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:235)
> at
> com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1209)
> at
> com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:135)
> at
> com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:593)
> at
> com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:529)
> at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:943)
> at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1188)
> at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1215)
> at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1199)
> at
> sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:434)
> at
> sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166)
> at
> sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1195)
> at
> java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:379)
> at
> sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(HttpsURLConnectionImpl.java:318)
> at Application.main(Application.java:20) Caused by:
> java.security.cert.CertificateException: No subject alternative DNS
> name matching www.billiving.com found. at
> sun.security.util.HostnameChecker.matchDNS(HostnameChecker.java:193)
> at sun.security.util.HostnameChecker.match(HostnameChecker.java:77)
> at
> com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:264)
> at
> com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:250)
> at
> com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1188)
[2]示例代码:
import java.net.HttpURLConnection;
import java.net.MalformedURLException;
import java.net.URL;
public class Application {
public static void main(String[] args) {
URL url;
try {
url = new URL(args[0]);
HttpURLConnection connection = (HttpURLConnection) url.openConnection();
connection.setInstanceFollowRedirects(false);
connection.setRequestMethod("GET");
if (connection.getResponseCode() >= 400) {
System.out.println("ERROR "+ connection.getResponseCode());
} else {
System.out.println("Success");
}
System.out.println("Connection Crated");
} catch (MalformedURLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}
命令使用上面的代码:
java Application https://www.billiving.com
答案 0 :(得分:1)
此网站的真实证书具有正确的主机名。但只有在使用SNI(Server Name Indication)时才能获得此证书。较旧的Java版本不支持SNI(自Java 7以来应该受支持),因此您可能需要升级未指定的版本。