我调用了https服务,并希望加载服务器提供给我的证书以调用服务器,但是报告了这样的错误。需要明确的是,我不打算绕过NoopHostnameVerifier.INSTANCE的验证。非常感谢。
这是myCode:
public static HttpClient getHttpClient() throws ClientProtocolException, IOException {
Map<String, String> map2 = ReverseConfig.getReverseMap();
Crypter CRYPTER = CrypterFactory.getCrypter();
// 从配置库中获得信任库文件所在位置
String trustStorePath = map2.get(ParamConstant.TRUSTSTORE_PATH);
LOGGER.debug("trustStorePath path is " + trustStorePath);
String trustStorePwd_Raw = map2.get(ParamConstant.TRUSTSTRORE_PASSWORD);
LOGGER.debug("begin to crypte password...");
String trustStorePwd = CRYPTER.decrypt(trustStorePwd_Raw);
LOGGER.debug("crypte password successful...");
SSLContext sslcontext = getSSLContext(trustStorePath, trustStorePwd);
Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory> create()
.register("http", PlainConnectionSocketFactory.INSTANCE)
.register("https", new SSLConnectionSocketFactory(sslcontext, NoopHostnameVerifier.INSTANCE))
.build();
PoolingHttpClientConnectionManager connManager = new PoolingHttpClientConnectionManager(socketFactoryRegistry);
// 创建自定义的httpclient对象
HttpClient client = HttpClients.custom()
.setConnectionManager(connManager)
.setConnectionManagerShared(true)
.evictExpiredConnections()
.build();
return client;
}
public static SSLContext getSSLContext(String keyStorePath, String keyStorepass) {
SSLContext sc = null;
FileInputStream instream = null;
KeyStore trustStore = null;
try {
trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
instream = new FileInputStream(new File(keyStorePath));
trustStore.load(instream, keyStorepass.toCharArray());
// 相信自己的CA和所有自签名的证书
sc = SSLContexts.custom().loadTrustMaterial(trustStore, new TrustSelfSignedStrategy()).build();
} catch (KeyStoreException | NoSuchAlgorithmException | CertificateException | IOException | KeyManagementException e) {
LOGGER.error("load ssl exception");
} finally {
try {
instream.close();
} catch (IOException e) {
LOGGER.error("load ssl exception2222");
}
}
return sc;
}