我具有www.billiving.com API的集成测试套件。该API调用端点应为https://www.billiving.com的时间。
我的测试套件可以在Windows上完美运行。但是,当它移至ubuntu 14.x时,它失败并出现以下异常。 [1]
因此,我编写了此[2]代码以在测试套件之外对其进行测试。仍然失败,但有相同的例外。
所以我试图将billiving.com证书导入JKS,但仍然失败,但出现相同的异常。
我知道作为解决方案,我们可以覆盖Verifier类中的verify方法并返回true。但是我需要适当的解决方案,因为这可能会导致安全问题。
1)为什么会出现此错误,以及为什么它仅在Linux上。
2)我们怎样才能通过适当的解决方案解决这个问题
API网址:
https://www.billiving.com/
[1]例外:
> javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative DNS
> name matching www.billiving.com found. at
> com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
> at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1747)
> at
> com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:241)
> at
> com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:235)
> at
> com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1209)
> at
> com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:135)
> at
> com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:593)
> at
> com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:529)
> at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:943)
> at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1188)
> at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1215)
> at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1199)
> at
> sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:434)
> at
> sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166)
> at
> sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1195)
> at
> java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:379)
> at
> sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(HttpsURLConnectionImpl.java:318)
> at Application.main(Application.java:20) Caused by:
> java.security.cert.CertificateException: No subject alternative DNS
> name matching www.billiving.com found. at
> sun.security.util.HostnameChecker.matchDNS(HostnameChecker.java:193)
> at sun.security.util.HostnameChecker.match(HostnameChecker.java:77)
> at
> com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:264)
> at
> com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:250)
> at
> com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1188)
[2]示例代码:
import java.net.HttpURLConnection;
import java.net.MalformedURLException;
import java.net.URL;
public class Application {
public static void main(String[] args) {
URL url;
try {
url = new URL(args[0]);
HttpURLConnection connection = (HttpURLConnection) url.openConnection();
connection.setInstanceFollowRedirects(false);
connection.setRequestMethod("GET");
if (connection.getResponseCode() >= 400) {
System.out.println("ERROR "+ connection.getResponseCode());
} else {
System.out.println("Success");
}
System.out.println("Connection Crated");
} catch (MalformedURLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}
使用以上代码的命令:
java Application https://www.billiving.com
最佳答案
该站点的真实证书具有正确的主机名。但是,只有在使用SNI(Server Name Indication)时,您才能获得此证书。较早的Java版本不支持SNI(自Java 7开始应受支持),因此也许您需要升级未指定的版本。