Question

我不熟悉API（官方和非官方），我正在使用一个名为JavaSnap的API。我一直在搞乱示例代码的一个非常基本的实现，但一直遇到错误。这是最基本的代码：

Snapchat snapchat = Snapchat.login("xxxx", "xxxxx");

首先，我遇到了大量的ClassNotFound错误，不得不继续下载apache模块（commons，httpcomponents等）以允许程序进行，但是作为类文件这意味着我无法立刻看到所有模块我需要下载。所以，如果有人想告诉我，我做错了多么有意思。

无论如何，现在已经清理了所有ClassNotFound异常（我希望）我得到以下异常：

com.mashape.unirest.http.exceptions.UnirestException: javax.net.ssl.SSLPeerUnverifiedException: Host name 'feelinsonice-hrd.appspot.com' does not match the certificate subject provided by the peer (CN=*.appspot.com, O=Google Inc, L=Mountain View, ST=California, C=US)
    at com.mashape.unirest.http.HttpClientHelper.request(HttpClientHelper.java:146)
    at com.mashape.unirest.request.BaseRequest.asJson(BaseRequest.java:68)
    at com.habosa.javasnap.Snapchat.requestJson(Snapchat.java:953)
    at com.habosa.javasnap.Snapchat.login(Snapchat.java:160)
    at Tester.go(Tester.java:21)

据我了解，这是因为我需要启用信任所有证书，但是为了做到这一点我相信我需要使用带有SSLSocketFactorys的HostNameVerifiers，但是我不能真正开始乱用这个，因为我只拥有JavaSnap API的源代码，并在堆栈中跟踪错误，我可以编辑的最新方法是：

private static HttpResponse<JsonNode> requestJson(String path, Map<String, Object> params, File file) throws UnirestException {
        MultipartBody req = prepareRequest(path, params, file);

        // Execute and return response as JSON
        HttpResponse<JsonNode> resp = req.asJson();

        // Record
        lastRequestPath = path;
        lastResponse = resp;
        lastResponseBodyClass = JsonNode.class;

        return resp;

我的问题是，我的想法是否符合正确的要求？
如果我是如何实现消除此错误/信任证书的目标？如果我不是那么事实上是什么问题？

非常感谢

Answer 1

我回答这个老问题，以便记住我的搜索证书错误解决方案是来自几个地方的组合

https://github.com/Mashape/unirest-java/issues/70，我开始的地方。
http://literatejava.com/networks/ignore-ssl-certificate-errors-apache-httpclient-4-4/非常好的解释。
http://www.baeldung.com/httpclient-ssl，所有版本的解决方案。

import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;

import javax.net.ssl.SSLContext;
import javax.security.cert.CertificateException;
import javax.security.cert.X509Certificate;

import org.apache.http.client.HttpClient;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.ssl.SSLContextBuilder;

import com.mashape.unirest.http.HttpResponse;
import com.mashape.unirest.http.JsonNode;
import com.mashape.unirest.http.Unirest;
import com.mashape.unirest.http.exceptions.UnirestException;

public class XXX {

    private static HttpClient unsafeHttpClient;

    static {
        try {
            SSLContext sslContext = new SSLContextBuilder().loadTrustMaterial(null, new TrustSelfSignedStrategy() {
                public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                    return true;
                }
            }).build();

            unsafeHttpClient = HttpClients.custom().setSSLContext(sslContext)
                    .setSSLHostnameVerifier(new NoopHostnameVerifier()).build();

        } catch (KeyManagementException | NoSuchAlgorithmException | KeyStoreException e) {
            e.printStackTrace();
        }
    }

    public static HttpClient getClient() {
        return unsafeHttpClient;
    }

    public static void main(String[] args) {

        try {
            HttpClient creepyClient = RestUnirestClient.getClient();
            Unirest.setHttpClient(creepyClient);

            HttpResponse<JsonNode> response = Unirest.get("https://httpbin.org/get?show_env=1").asJson();
            System.out.println(response.getBody().toString());

        } catch (UnirestException e) {
            e.printStackTrace();
        }
    }
}

SSLPeerUnverifiedException（Unirest）

1 个答案: