如何修复“ javax.net.ssl.SSLHandshakeException:链验证失败”

时间:2019-04-25 05:55:38

标签: ssl https

我从市场商店更新了我的应用程序,然后尝试使用我的帐户登录,但失败并显示错误:

  

javax.net.ssl.SSLHandshakeException:链验证失败。

但是当我在任务管理器中终止该应用程序或重新启动手机时,它运行正常,并且不再显示错误。我该如何解决。

我已经搜索了一些答案,有些答案显示我的证书已过期,但是为什么当我重新启动手机并重新启动我的应用程序时它可以正常工作。

04-25 10:35:30.505  9127 15685 W System.err: javax.net.ssl.SSLHandshakeException: Chain validation failed
04-25 10:35:30.505  9127 15685 W System.err:    at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:355)
04-25 10:35:30.505  9127 15685 W System.err:    at okhttp3.a.c.b.a(RealConnection.java:195)
04-25 10:35:30.505  9127 15685 W System.err:    at okhttp3.a.c.b.a(RealConnection.java:148)
04-25 10:35:30.505  9127 15685 W System.err:    at okhttp3.a.c.b.a(RealConnection.java:111)
04-25 10:35:30.505  9127 15685 W System.err:    at okhttp3.a.b.r.a(StreamAllocation.java:188)
04-25 10:35:30.505  9127 15685 W System.err:    at okhttp3.a.b.r.b(StreamAllocation.java:127)
04-25 10:35:30.505  9127 15685 W System.err:    at okhttp3.a.b.r.a(StreamAllocation.java:97)
04-25 10:35:30.505  9127 15685 W System.err:    at okhttp3.a.b.g.o(HttpEngine.java:289)
04-25 10:35:30.505  9127 15685 W System.err:    at okhttp3.a.b.g.a(HttpEngine.java:241)
04-25 10:35:30.505  9127 15685 W System.err:    at okhttp3.z.a(RealCall.java:240)
04-25 10:35:30.505  9127 15685 W System.err:    at okhttp3.z$a.a(RealCall.java:198)
04-25 10:35:30.505  9127 15685 W System.err:    at okhttp3.z.a(RealCall.java:160)
04-25 10:35:30.505  9127 15685 W System.err:    at okhttp3.z.b(RealCall.java:57)
04-25 10:35:30.505  9127 15685 W System.err:    at com.yaok.a.g.a(HttpLoader.java:190)
04-25 10:35:30.505  9127 15685 W System.err:    at com.yaok.a.d.a(DataLoader.java:308)
04-25 10:35:30.505  9127 15685 W System.err:    at com.yaok.a.d.a(DataLoader.java:72)
04-25 10:35:30.505  9127 15685 W System.err:    at com.yaok.a.j.run(Loader.java:10)
04-25 10:35:30.505  9127 15685 W System.err: Caused by: java.security.cert.CertificateException: Chain validation failed
04-25 10:35:30.505  9127 15685 W System.err:    at com.android.org.conscrypt.TrustManagerImpl.verifyChain(TrustManagerImpl.java:705)
04-25 10:35:30.505  9127 15685 W System.err:    at com.android.org.conscrypt.TrustManagerImpl.checkTrustedRecursive(TrustManagerImpl.java:537)
04-25 10:35:30.505  9127 15685 W System.err:    at com.android.org.conscrypt.TrustManagerImpl.checkTrustedRecursive(TrustManagerImpl.java:558)
04-25 10:35:30.505  9127 15685 W System.err:    at com.android.org.conscrypt.TrustManagerImpl.checkTrustedRecursive(TrustManagerImpl.java:603)
04-25 10:35:30.506  9127 15685 W System.err:    at com.android.org.conscrypt.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:493)
04-25 10:35:30.506  9127 15685 W System.err:    at com.android.org.conscrypt.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:416)
04-25 10:35:30.506  9127 15685 W System.err:    at com.android.org.conscrypt.TrustManagerImpl.getTrustedChainForServer(TrustManagerImpl.java:337)
04-25 10:35:30.506  9127 15685 W System.err:    at android.security.net.config.NetworkSecurityTrustManager.checkServerTrusted(NetworkSecurityTrustManager.java:94)
04-25 10:35:30.506  9127 15685 W System.err:    at android.security.net.config.RootTrustManager.checkServerTrusted(RootTrustManager.java:88)
04-25 10:35:30.506  9127 15685 W System.err:    at com.android.org.conscrypt.Platform.checkServerTrusted(Platform.java:203)
04-25 10:35:30.506  9127 15685 W System.err:    at com.android.org.conscrypt.OpenSSLSocketImpl.verifyCertificateChain(OpenSSLSocketImpl.java:592)
04-25 10:35:30.506  9127 15685 W System.err:    at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
04-25 10:35:30.506  9127 15685 W System.err:    at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:351)
04-25 10:35:30.506  9127 15685 W System.err:    ... 16 more
04-25 10:35:30.506  9127 15685 W System.err: Caused by: java.security.cert.CertPathValidatorException: timestamp check failed
04-25 10:35:30.506  9127 15685 W System.err:    at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:133)
04-25 10:35:30.506  9127 15685 W System.err:    at sun.security.provider.certpath.PKIXCertPathValidator.validate(PKIXCertPathValidator.java:225)
04-25 10:35:30.506  9127 15685 W System.err:    at sun.security.provider.certpath.PKIXCertPathValidator.validate(PKIXCertPathValidator.java:143)
04-25 10:35:30.506  9127 15685 W System.err:    at sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(PKIXCertPathValidator.java:79)
04-25 10:35:30.506  9127 15685 W System.err:    at java.security.cert.CertPathValidator.validate(CertPathValidator.java:301)
04-25 10:35:30.506  9127 15685 W System.err:    at com.android.org.conscrypt.TrustManagerImpl.verifyChain(TrustManagerImpl.java:701)
04-25 10:35:30.506  9127 15685 W System.err:    ... 28 more
04-25 10:35:30.506  9127 15685 W System.err: Caused by: java.security.cert.CertificateExpiredException: Certificate expired at Tue Jan 15 15:39:44 GMT+08:00 2019 (compared to Thu Apr 25 10:35:30 GMT+08:00 2019)
04-25 10:35:30.506  9127 15685 W System.err:    at com.android.org.conscrypt.OpenSSLX509Certificate.checkValidity(OpenSSLX509Certificate.java:244)
04-25 10:35:30.506  9127 15685 W System.err:    at sun.security.provider.certpath.BasicChecker.verifyTimestamp(BasicChecker.java:194)
04-25 10:35:30.506  9127 15685 W System.err:    at sun.security.provider.certpath.BasicChecker.check(BasicChecker.java:144)
04-25 10:35:30.506  9127 15685 W System.err:    at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:125)
04-25 10:35:30.506  9127 15685 W System.err:    ... 33 more

1 个答案:

答案 0 :(得分:0)

在我的情况下尝试这段代码即可解决问题

private OkHttpClient myOkHttpClient(){

try{
    OkHttpClient okHttpClient = new OkHttpClient();
    okHttpClient.setReadTimeout(70 * 1000, TimeUnit.MILLISECONDS);
    okHttpClient.setConnectTimeout(70 * 1000, TimeUnit.MILLISECONDS);

    final TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
        @Override
        public void checkClientTrusted(
                java.security.cert.X509Certificate[] chain,
                String authType) throws CertificateException {
        }

        @Override
        public void checkServerTrusted(
                java.security.cert.X509Certificate[] chain,
                String authType) throws CertificateException {
        }

        @Override
        public java.security.cert.X509Certificate[] getAcceptedIssuers() {
            return null;
        }
    } };


    final SSLContext sslContext = SSLContext.getInstance("SSL");
    sslContext.init(null, trustAllCerts, new java.security.SecureRandom());
    // Create an ssl socket factory with our all-trusting manager
    final SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();

    okHttpClient.setSslSocketFactory(sslSocketFactory);

    return okHttpClient;

}catch (Exception e){
    return null;
}
}
相关问题
最新问题