听说java的苛刻,没有想到居然到了如此严格的地步。
因为抽取数据的需要,在jsp中需要对其他网站页面截取,今天发现怪异的问题,在windows的开发环境一切正常,但是部署到linux上就不能运行提示:
javax.net.ssl.SSLException: java.security.ProviderException: java.security.InvalidKeyException: EC parameters error
经过测试发现http网站没有问题,百度网站的https也正常,但是有的网站就不行,经查问题是https的证书原因导致,googing到一个解决方案,记录下来留存使用
建立一个SslUtils.java,内容为:
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
public class SslUtils {
private static void trustAllHttpsCertificates() throws Exception {
TrustManager[] trustAllCerts = new TrustManager[1];
TrustManager tm = new miTM();
trustAllCerts[0] = tm;
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, null);
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
}
static class miTM implements TrustManager,X509TrustManager {
public X509Certificate[] getAcceptedIssuers() {
return null;
}
public boolean isServerTrusted(X509Certificate[] certs) {
return true;
}
public boolean isClientTrusted(X509Certificate[] certs) {
return true;
}
public void checkServerTrusted(X509Certificate[] certs, String authType)
throws CertificateException {
return;
}
public void checkClientTrusted(X509Certificate[] certs, String authType)
throws CertificateException {
return;
}
}
/**
* 忽略HTTPS请求的SSL证书,必须在openConnection之前调用
* @throws Exception
*/
public static void ignoreSsl() throws Exception{
HostnameVerifier hv = new HostnameVerifier() {
public boolean verify(String urlHostName, SSLSession session) {
return true;
}
};
trustAllHttpsCertificates();
HttpsURLConnection.setDefaultHostnameVerifier(hv);
}
}
添加下面的代码和工具类,工具类在下面附件中有,直接下载即可。
//省略代码。。。
realUrl=newURL(url);
if("https".equalsIgnoreCase(realUrl.getProtocol())){
SslUtils.ignoreSsl();
}
//省略代码。。。
然后工具类SslUtils再附件中下载。即可解决因为没SSL证书报错。
网友评论