HttpClient_javax.net.ssl.SSLHandshakeException: sun.security.validator 问题解决,与环境有关

用httpclient访问https 资源时,会出现异常,与环境也有关系，有些机器请求正常.

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested targetat com.sun.net.ssl.inteal.ssl.Alerts.getSSLException(Alerts.java:174)at com.sun.net.ssl.inteal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1623)at com.sun.net.ssl.inteal.ssl.Handshaker.fatalSE(Handshaker.java:198)at com.sun.net.ssl.inteal.ssl.Handshaker.fatalSE(Handshaker.java:192)at com.sun.net.ssl.inteal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1074)at com.sun.net.ssl.inteal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:128)at com.sun.net.ssl.inteal.ssl.Handshaker.processLoop(Handshaker.java:529)at com.sun.net.ssl.inteal.ssl.Handshaker.process_record(Handshaker.java:465)at com.sun.net.ssl.inteal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884)at com.sun.net.ssl.inteal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1120)at com.sun.net.ssl.inteal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1147)at com.sun.net.ssl.inteal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1131)at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:434)at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166)at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1049)at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234)at com.msd.payCenter.msdPay.yeePay.util.HttpUtils.URLGet(HttpUtils.java:67)at com.msd.payCenter.msdPay.yeePay.service.impl.YeePayServiceImpl.yeeAutoCheckOrder(YeePayServiceImpl.java:298)at com.msd.payCenter.msdPay.AutoCheckOrderServiceImpl.autoCheckOrder(AutoCheckOrderServiceImpl.java:83)at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

 

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested targetat com.sun.net.ssl.inteal.ssl.Alerts.getSSLException(Alerts.java:174)at com.sun.net.ssl.inteal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1623)at com.sun.net.ssl.inteal.ssl.Handshaker.fatalSE(Handshaker.java:198)at com.sun.net.ssl.inteal.ssl.Handshaker.fatalSE(Handshaker.java:192)at com.sun.net.ssl.inteal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1074)at com.sun.net.ssl.inteal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:128)at com.sun.net.ssl.inteal.ssl.Handshaker.processLoop(Handshaker.java:529)at com.sun.net.ssl.inteal.ssl.Handshaker.process_record(Handshaker.java:465)at com.sun.net.ssl.inteal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884)at com.sun.net.ssl.inteal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1120)at com.sun.net.ssl.inteal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1147)at com.sun.net.ssl.inteal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1131)at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:434)at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166)at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1049)at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234)at com.msd.payCenter.msdPay.yeePay.util.HttpUtils.URLGet(HttpUtils.java:67)at com.msd.payCenter.msdPay.yeePay.service.impl.YeePayServiceImpl.yeeAutoCheckOrder(YeePayServiceImpl.java:298)at com.msd.payCenter.msdPay.AutoCheckOrderServiceImpl.autoCheckOrder(AutoCheckOrderServiceImpl.java:83)at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

 

解决方法：

增加一个自己的https协议类 MySSLSocketFactory.java

package com.nassir.hc3;import java.io.IOException;import java.net.InetAddress;import java.net.InetSocketAddress;import java.net.Socket;import java.net.SocketAddress;import java.net.UnknownHostException;import java.security.KeyManagementException;import java.security.NoSuchAlgorithmException;import java.security.cert.CertificateException;import java.security.cert.X509Certificate;import javax.net.SocketFactory;import javax.net.ssl.SSLContext;import javax.net.ssl.TrustManager;import javax.net.ssl.X509TrustManager;import org.apache.commons.httpclient.ConnectTimeoutException;import org.apache.commons.httpclient.params.HttpConnectionParams;import org.apache.commons.httpclient.protocol.ProtocolSocketFactory;public class MySSLSocketFactory implements ProtocolSocketFactory {static {System.out.println(">>>>in MySSLSocketFactory>>");}private SSLContext sslcontext = null;private SSLContext createSSLContext() {SSLContext sslcontext = null;try {sslcontext = SSLContext.getInstance("SSL");sslcontext.init(null,new TrustManager[] { new TrustAnyTrustManager() },new java.security.SecureRandom());} catch (NoSuchAlgorithmException e) {e.printStackTrace();} catch (KeyManagementException e) {e.printStackTrace();}retu sslcontext;}private SSLContext getSSLContext() {if (this.sslcontext == null) {this.sslcontext = createSSLContext();}retu this.sslcontext;}public Socket createSocket(Socket socket, String host, int port,boolean autoClose) throws IOException, UnknownHostException {retu getSSLContext().getSocketFactory().createSocket(socket, host,port, autoClose);}public Socket createSocket(String host, int port) throws IOException,UnknownHostException {retu getSSLContext().getSocketFactory().createSocket(host, port);}public Socket createSocket(String host, int port, InetAddress clientHost,int clientPort) throws IOException, UnknownHostException {retu getSSLContext().getSocketFactory().createSocket(host, port,clientHost, clientPort);}public Socket createSocket(String host, int port, InetAddress localAddress,int localPort, HttpConnectionParams params) throws IOException,UnknownHostException, ConnectTimeoutException {if (params == null) {throw new IllegalArgumentException("Parameters may not be null");}int timeout = params.getConnectionTimeout();SocketFactory socketfactory = getSSLContext().getSocketFactory();if (timeout == 0) {retu socketfactory.createSocket(host, port, localAddress,localPort);} else {Socket socket = socketfactory.createSocket();SocketAddress localaddr = new InetSocketAddress(localAddress,localPort);SocketAddress remoteaddr = new InetSocketAddress(host, port);socket.bind(localaddr);socket.connect(remoteaddr, timeout);retu socket;}}private static class TrustAnyTrustManager implements X509TrustManager {public void checkClientTrusted(X509Certificate[] chain, String authType)throws CertificateException {}public void checkServerTrusted(X509Certificate[] chain, String authType)throws CertificateException {}public X509Certificate[] getAcceptedIssuers() {retu new X509Certificate[] {};}}}

 

package com.nassir.hc3;import java.io.IOException;import java.net.InetAddress;import java.net.InetSocketAddress;import java.net.Socket;import java.net.SocketAddress;import java.net.UnknownHostException;import java.security.KeyManagementException;import java.security.NoSuchAlgorithmException;import java.security.cert.CertificateException;import java.security.cert.X509Certificate;import javax.net.SocketFactory;import javax.net.ssl.SSLContext;import javax.net.ssl.TrustManager;import javax.net.ssl.X509TrustManager;import org.apache.commons.httpclient.ConnectTimeoutException;import org.apache.commons.httpclient.params.HttpConnectionParams;import org.apache.commons.httpclient.protocol.ProtocolSocketFactory;public class MySSLSocketFactory implements ProtocolSocketFactory {static {System.out.println(">>>>in MySSLSocketFactory>>");}private SSLContext sslcontext = null;private SSLContext createSSLContext() {SSLContext sslcontext = null;try {sslcontext = SSLContext.getInstance("SSL");sslcontext.init(null,new TrustManager[] { new TrustAnyTrustManager() },new java.security.SecureRandom());} catch (NoSuchAlgorithmException e) {e.printStackTrace();} catch (KeyManagementException e) {e.printStackTrace();}retu sslcontext;}private SSLContext getSSLContext() {if (this.sslcontext == null) {this.sslcontext = createSSLContext();}retu this.sslcontext;}public Socket createSocket(Socket socket, String host, int port,boolean autoClose) throws IOException, UnknownHostException {retu getSSLContext().getSocketFactory().createSocket(socket, host,port, autoClose);}public Socket createSocket(String host, int port) throws IOException,UnknownHostException {retu getSSLContext().getSocketFactory().createSocket(host, port);}public Socket createSocket(String host, int port, InetAddress clientHost,int clientPort) throws IOException, UnknownHostException {retu getSSLContext().getSocketFactory().createSocket(host, port,clientHost, clientPort);}public Socket createSocket(String host, int port, InetAddress localAddress,int localPort, HttpConnectionParams params) throws IOException,UnknownHostException, ConnectTimeoutException {if (params == null) {throw new IllegalArgumentException("Parameters may not be null");}int timeout = params.getConnectionTimeout();SocketFactory socketfactory = getSSLContext().getSocketFactory();if (timeout == 0) {retu socketfactory.createSocket(host, port, localAddress,localPort);} else {Socket socket = socketfactory.createSocket();SocketAddress localaddr = new InetSocketAddress(localAddress,localPort);SocketAddress remoteaddr = new InetSocketAddress(host, port);socket.bind(localaddr);socket.connect(remoteaddr, timeout);retu socket;}}private static class TrustAnyTrustManager implements X509TrustManager {public void checkClientTrusted(X509Certificate[] chain, String authType)throws CertificateException {}public void checkServerTrusted(X509Certificate[] chain, String authType)throws CertificateException {}public X509Certificate[] getAcceptedIssuers() {retu new X509Certificate[] {};}}}

 

请求类：

/** *  */package com.nassir.hc3;import java.io.IOException;import java.io.InputStream;import org.apache.commons.httpclient.HttpClient;import org.apache.commons.httpclient.HttpException;import org.apache.commons.httpclient.HttpMethod;import org.apache.commons.httpclient.methods.PostMethod;import org.apache.commons.httpclient.protocol.Protocol;/** * @author nassir wen * @data 2012-3-31 下午05:09:13 * @version V2.5 * @Company: MSD. * @Copyright Copyright (c) 2012 */public class HttpsRequest {/** *  * @param url * @retu */public static String post(String url) {//增加下面两行代码Protocol myhttps = new Protocol("https", new MySSLSocketFactory(), 443);Protocol.registerProtocol("https", myhttps);HttpClient client = new HttpClient();HttpMethod post = new PostMethod(url);try {client.executeMethod(post);byte[] responseBody = post.getResponseBody();String result = new String(responseBody,"GBK");retu result;} catch (HttpException e) {e.printStackTrace();} catch (IOException e) {e.printStackTrace();} finally {post.releaseConnection();}retu null;}}

/** *  */package com.nassir.hc3;import java.io.IOException;import java.io.InputStream;import org.apache.commons.httpclient.HttpClient;import org.apache.commons.httpclient.HttpException;import org.apache.commons.httpclient.HttpMethod;import org.apache.commons.httpclient.methods.PostMethod;import org.apache.commons.httpclient.protocol.Protocol;/** * @author nassir wen * @data 2012-3-31 下午05:09:13 * @version V2.5 * @Company: MSD. * @Copyright Copyright (c) 2012 */public class HttpsRequest {/** *  * @param url * @retu */public static String post(String url) {//增加下面两行代码Protocol myhttps = new Protocol("https", new MySSLSocketFactory(), 443);Protocol.registerProtocol("https", myhttps);HttpClient client = new HttpClient();HttpMethod post = new PostMethod(url);try {client.executeMethod(post);byte[] responseBody = post.getResponseBody();String result = new String(responseBody,"GBK");retu result;} catch (HttpException e) {e.printStackTrace();} catch (IOException e) {e.printStackTrace();} finally {post.releaseConnection();}retu null;}}

 

 

测试：

public static void main(String[] args) {System.out.println(HttpsRequest.post("https://www.alipay.com"));//支付宝做测试}

public static void main(String[] args) {System.out.println(HttpsRequest.post("https://www.alipay.com"));//支付宝做测试}