V2EX = way to explore
V2EX 是一个关于分享和探索的地方
现在注册
已注册用户请  登录
V2EX 提问指南
burnbrid
V2EX  ›  问与答

Java 调用 https 接口报错:javax.net.ssl.SSLException: Server key,这个报错原理有大神能科普一下吗?

  •  
  •   burnbrid · 2021-01-27 10:33:45 +08:00 · 1228 次点击
    这是一个创建于 1395 天前的主题,其中的信息可能已经有所发展或是发生改变。

    JDK 版本信息:

    java version "1.6.0_113"
    Java(TM) SE Runtime Environment (build 1.6.0_113-b01)
    Java HotSpot(TM) 64-Bit Server VM (build 20.111-b01, mixed mode)
    

    Linux 版本信息:

    Linux testUser 2.6.32-431.el6.x86_64 #1 SMP Sun Nov 10 22:19:54 EST 2013 x86_64 x86_64 x86_64 GNU/Linux
    Linux version 2.6.32-431.el6.x86_64 ([email protected]) (gcc version 4.4.7 20120313 (Red Hat 4.4.7-4) (GCC) ) #1 SMP Sun Nov 10 22:19:54 EST 2013
    

    Weblogic 版本

    WebLogic Server 10.3.6.0
    weblogic11g,也就是 10.3.6 版本
    

    JAVA 代码中通过 org.apache.http.client.methods.HttpPost(来自 JAR 包 httpclient-4.5.9.jar)调用一个 https 的接口(第三方平台提供的接口,接口地址公司保密,不能提供出来,类似 https://testfile.comyan.org.cn/system/sc/qeuestUpload),报错。报错详细信息如下: 方法入口是 sendHttpsAndSkipCertificate 这个方法

    javax.net.ssl.SSLException: Server key
    	at com.sun.net.ssl.internal.ssl.Handshaker.throwSSLException(Handshaker.java:1139)
    	at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:248)
    	at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:817)
    	at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:753)
    	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:989)
    	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1295)
    	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1322)
    	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1306)
    	at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:436)
    	at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:384)
    	at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142)
    	at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:374)
    	at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:393)
    	at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)
    	at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:186)
    	at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89)
    	at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
    	at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185)
    	at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83)
    	at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:108)
    	at com.company.kb.common.utils.HttpUrlTool.sendHttpsAndSkipCertificate(HttpUrlTool.java:1528)
    	at com.company.kb.policy.app.newest.platform.car.service.shenzhen.platservice.uploadPolicyInfo(VhlPlatformHandlerShenzhenNewestImpl.java:19083)
    	at com.company.kb.policy.prod.vhl.bm.PolicyAppVhlBM.sendUrServiceBm(PolicyAppVhlBM.java:1002)
    	at com.company.kb.policy.prod.vhl.bm.PolicyAppVhlBM.sendUrService(PolicyAppVhlBM.java:907)
    	at com.company.kb.policy.app.quickapp.action.QuickAppBaseBizAction.sendUr(QuickAppBaseBizAction.java:2634)
    	at sun.reflect.GeneratedMethodAccessor7523.invoke(Unknown Source)
    	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    	at java.lang.reflect.Method.invoke(Method.java:597)
    	at org.apache.commons.beanutils.MethodUtils.invokeExactMethod(MethodUtils.java:404)
    	at org.apache.commons.beanutils.MethodUtils.invokeExactMethod(MethodUtils.java:354)
    	at com.isoftstone.fwk.facade.BizControllerImpl.handleRequest(BizControllerImpl.java:126)
    	at com.isoftstone.fwk.facade.BizControllerPojoAdapter.handleRequest(BizControllerPojoAdapter.java:37)
    	at com.isoftstone.fwk.action.BaseWebAction.perform(BaseWebAction.java:67)
    	at sun.reflect.GeneratedMethodAccessor239.invoke(Unknown Source)
    	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    	at java.lang.reflect.Method.invoke(Method.java:597)
    	at org.apache.commons.beanutils.MethodUtils.invokeExactMethod(MethodUtils.java:404)
    	at org.apache.commons.beanutils.MethodUtils.invokeExactMethod(MethodUtils.java:354)
    	at com.isoftstone.fwk.action.ActionControl.excute(ActionControl.java:19)
    	at com.isoftstone.fwk.web.WebControl.doAction(WebControl.java:225)
    	at com.isoftstone.fwk.web.WebControl.doPost(WebControl.java:47)
    	at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
    	at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
    	at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
    	at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
    	at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:301)
    	at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
    	at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:60)
    	at com.isoftstone.fwk.web.filter.DWCallbackFilter.doFilter(DWCallbackFilter.java:110)
    	at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:60)
    	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:359)
    	at org.springframework.security.intercept.web.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:109)
    	at org.springframework.security.intercept.web.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)
    	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:371)
    	at org.springframework.security.ui.SessionFixationProtectionFilter.doFilterHttp(SessionFixationProtectionFilter.java:67)
    	at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
    	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:371)
    	at org.springframework.security.ui.ExceptionTranslationFilter.doFilterHttp(ExceptionTranslationFilter.java:101)
    	at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
    	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:371)
    	at org.springframework.security.wrapper.SecurityContextHolderAwareRequestFilter.doFilterHttp(SecurityContextHolderAwareRequestFilter.java:91)
    	at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
    	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:371)
    	at org.springframework.security.ui.AbstractProcessingFilter.doFilterHttp(AbstractProcessingFilter.java:116)
    	at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
    	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:371)
    	at org.springframework.security.ui.logout.LogoutFilter.doFilterHttp(LogoutFilter.java:59)
    	at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
    	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:371)
    	at org.springframework.security.context.HttpSessionContextIntegrationFilter.doFilterHttp(HttpSessionContextIntegrationFilter.java:238)
    	at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
    	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:371)
    	at org.springframework.security.util.FilterChainProxy.doFilter(FilterChainProxy.java:174)
    	at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:236)
    	at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
    	at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:60)
    	at org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:99)
    	at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:60)
    	at com.isoftstone.iaeap.web.filter.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:97)
    	at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:60)
    	at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3748)
    	at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3714)
    	at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
    	at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
    	at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2283)
    	at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2182)
    	at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1499)
    	at weblogic.work.ExecuteThread.execute(ExecuteThread.java:263)
    	at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
    Caused by: java.security.spec.InvalidKeySpecException: key spec not recognised
    	at cfca.sadk.org.bouncycastle.jcajce.provider.asymmetric.util.BaseKeyFactorySpi.engineGeneratePublic(BaseKeyFactorySpi.java:36)
    	at cfca.sadk.org.bouncycastle.jcajce.provider.asymmetric.ec.KeyFactorySpi.engineGeneratePublic(KeyFactorySpi.java:89)
    	at java.security.KeyFactory.generatePublic(KeyFactory.java:304)
    	at com.sun.net.ssl.internal.ssl.HandshakeMessage$ECDH_ServerKeyExchange.<init>(HandshakeMessage.java:920)
    	at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:244)
    	... 87 more
    javax.net.ssl.SSLException: Server key
    	at com.sun.net.ssl.internal.ssl.Handshaker.throwSSLException(Handshaker.java:1139)
    	at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:248)
    	at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:817)
    	at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:753)
    	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:989)
    	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1295)
    	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1322)
    	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1306)
    	at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:436)
    	at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:384)
    	at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142)
    	at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:374)
    	at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:393)
    	at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)
    	at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:186)
    	at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89)
    	at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
    	at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185)
    	at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83)
    	at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:108)
    	at com.company.kb.common.utils.HttpUrlTool.sendHttpsAndSkipCertificate(HttpUrlTool.java:1528)
    	at com.company.kb.policy.app.newest.platform.car.service.shenzhen.VhlPlatformHandlerShenzhenNewestImpl.uploadPolicyInfo(VhlPlatformHandlerShenzhenNewestImpl.java:19083)
    	at com.company.kb.policy.prod.vhl.bm.PolicyAppVhlBM.undrDicision(PolicyAppVhlBM.java:1002)
    	at com.company.kb.policy.prod.vhl.bm.PolicyAppVhlBM.quickSubmitToUnderwriting(PolicyAppVhlBM.java:907)
    	at com.company.kb.policy.app.quickapp.action.QuickAppBaseBizAction.quickSubmitToUnderwriting(QuickAppBaseBizAction.java:2634)
    	at sun.reflect.GeneratedMethodAccessor7523.invoke(Unknown Source)
    	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    	at java.lang.reflect.Method.invoke(Method.java:597)
    	at org.apache.commons.beanutils.MethodUtils.invokeExactMethod(MethodUtils.java:404)
    	at org.apache.commons.beanutils.MethodUtils.invokeExactMethod(MethodUtils.java:354)
    	at com.isoftstone.fwk.facade.BizControllerImpl.handleRequest(BizControllerImpl.java:126)
    	at com.isoftstone.fwk.facade.BizControllerPojoAdapter.handleRequest(BizControllerPojoAdapter.java:37)
    	at com.isoftstone.fwk.action.BaseWebAction.perform(BaseWebAction.java:67)
    	at sun.reflect.GeneratedMethodAccessor239.invoke(Unknown Source)
    	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    	at java.lang.reflect.Method.invoke(Method.java:597)
    	at org.apache.commons.beanutils.MethodUtils.invokeExactMethod(MethodUtils.java:404)
    	at org.apache.commons.beanutils.MethodUtils.invokeExactMethod(MethodUtils.java:354)
    	at com.isoftstone.fwk.action.ActionControl.excute(ActionControl.java:19)
    	at com.isoftstone.fwk.web.WebControl.doAction(WebControl.java:225)
    	at com.isoftstone.fwk.web.WebControl.doPost(WebControl.java:47)
    	at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
    	at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
    	at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
    	at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
    	at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:301)
    	at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
    	at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:60)
    	at com.isoftstone.fwk.web.filter.DWCallbackFilter.doFilter(DWCallbackFilter.java:110)
    	at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:60)
    	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:359)
    	at org.springframework.security.intercept.web.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:109)
    	at org.springframework.security.intercept.web.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)
    	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:371)
    	at org.springframework.security.ui.SessionFixationProtectionFilter.doFilterHttp(SessionFixationProtectionFilter.java:67)
    	at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
    	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:371)
    	at org.springframework.security.ui.ExceptionTranslationFilter.doFilterHttp(ExceptionTranslationFilter.java:101)
    	at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
    	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:371)
    	at org.springframework.security.wrapper.SecurityContextHolderAwareRequestFilter.doFilterHttp(SecurityContextHolderAwareRequestFilter.java:91)
    	at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
    	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:371)
    	
    

    项目中调用 http 接口的方法代码如下:

     private static CloseableHttpClient buildSSLCloseableHttpClient() throws Exception {
            SSLContext sslContext = new SSLContextBuilder().loadTrustMaterial(null, new TrustStrategy() {
                // 信任所有
                public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                    return true;
                }
            }).build();
            // ALLOW_ALL_HOSTNAME_VERIFIER:这个主机名验证器基本上是关闭主机名验证的,实现的是一个空操作,并且不会抛出 javax.net.ssl.SSLException 异常。
            SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext, new String[] { "TLSv1" }, null,
                    SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
            return HttpClients.custom().setSSLSocketFactory(sslsf).build();
        }
    
    
    public static String sendHttpsAndSkipCertificate(Map<String,String> httpMap, String jsonStr) throws BusinessServiceException {
        	long startTime = 0L;
        	long endTime = 0L;
            String result = null;// 返回的结果
            CloseableHttpResponse response = null;
            CloseableHttpClient client = null;
            HttpPost httpPost = new HttpPost( httpMap.get("url")); //创建 HttpPost 对象  
            // 参数不为空
            if(StringUtils.isNotBlank(jsonStr)) {
                try {  
        			//包装成一个 Entity 对象
        	        StringEntity entity = new StringEntity(jsonStr, CommCodeConstants.ENCODING_UTF_8);
        	        //设置请求的内容
        	        httpPost.setEntity(entity);
        	        //设置请求的报文头部的编码
        	        httpPost.setHeader(new BasicHeader("Content-Type", "application/json;charset=utf-8"));
        	        //设置期望服务端返回的编码
        	        httpPost.setHeader(new BasicHeader("Accept", "application/json, text/plain, */*"));
        	        //设置连接超时时间 30 秒
        	        httpPost.getParams().setParameter(HttpMethodParams.SO_TIMEOUT, 30000);
        	        //调用方法,创建 CloseableHttpClient 对象
                    client = buildSSLCloseableHttpClient();
                    startTime = System.currentTimeMillis();
                    response = client.execute( httpPost);
                    int statusCode = response.getStatusLine().getStatusCode();
                    if(HttpURLConnection.HTTP_OK == statusCode) {
                        HttpEntity httpEntity = response.getEntity();  
                        //取出应答字符串 
                        result = EntityUtils.toString( httpEntity); 
                    } else {
                    	throw ExceptionUtil.createBusException("没有正确连接[" + httpMap.get("name") + "],HTTP 服务返回有误,服务返回编码:" + statusCode);
                    }
                } catch (Exception e) {
                    endTime = System.currentTimeMillis() - startTime;
                    logger.error("sendHttpsAndSkipCertificateError,endTime" + endTime, e);
                    e.printStackTrace();  
                    result = e.getMessage().toString();  
                    throw ExceptionUtil.createBusException( httpMap.get("name") +"接口交互出错:"+e.getMessage().toString());
                }  finally {
        			if (response != null) {
        				try {//关闭 response 和 client
        					response.close();
        				} catch(Exception e) {
        	                endTime = System.currentTimeMillis() - startTime;
        	                logger.error("sendHttpsAndSkipCertificateError,endTime" + endTime, e);
        					e.printStackTrace();
        				}
        			}
        			if (client != null) {
        				try {//关闭 response 和 client
        					client.close();
        				} catch(Exception e) {
        	                endTime = System.currentTimeMillis() - startTime;
        	                logger.error("sendHttpsAndSkipCertificateError,endTime" + endTime, e);
        					e.printStackTrace();
        				}
        			}
        		}
            }
            return result;
        }
    

    这个问题对我来说太难了。我个人猜测是我们公司服务器上面的证书有问题,但是我不知道怎么看服务器上面的证书。即使我看到了服务器上面的证书我也不知道怎么判断我们服务器上的证书有没有问题。我们生产环境上面调这个接口不会报错,测试环境上周测试的时候不会报错,昨天跟今天测试的时候每次调用都报错。

    6 条回复    2021-01-27 18:09:36 +08:00
    sakasaka
        1
    sakasaka  
       2021-01-27 12:28:58 +08:00
    重导一下 BouncyCastle 算法库试试
    kingfalse
        2
    kingfalse  
       2021-01-27 13:29:30 +08:00
    sslfactory 你搜搜这个,取消 https 的 ssl 验证
    自定义一个返回 null 的
    limuyan44
        3
    limuyan44  
       2021-01-27 13:52:48 +08:00
    什么都没干突然报错的话重新生成一下证书试试琢磨也是浪费时间影响测试进度还得背锅。
    css3
        4
    css3  
       2021-01-27 13:55:07 +08:00 via iPhone
    vpn 关了重试
    burnbrid
        5
    burnbrid  
    OP
       2021-01-27 16:50:19 +08:00
    已经解决了,详情见 https://club.perfma.com/question/2195295,解决办法就是升级了 bcprov-jdkxxx-xxx.jar 这个 jar 包。由 bcprov-jdk16-1.46.jar 升级到 bcprov-jdk15on-160.jar 就解决了。这个 bcprov-jdkxxx-xxx.jar 包在 JDK 的安装目录 jre/lib/ext/这个目录下。同时还需要在 JDK 的安装目录 /jre/lib/security/java.security 这个文件中添加 security.provider.9=org.bouncycastle.jce.provider.BouncyCastleProvider

    图片 https://img-ask.csdnimg.cn/upload/1611737103967.png
    burnbrid
        6
    burnbrid  
    OP
       2021-01-27 18:09:36 +08:00
    但是还有一个疑问就是,我在本地测试的时候,就从来没报过这个错。我本地的环境是 JDK1.6.0_45,tomcat6 。而且我本地的 JDK 安装目录 jre/lib/ext/这个目录下也没有 bcprov-jdkxxx-xxx.jar 这种格式的 jar 包。/jre/lib/security/java.security 这个文件里面也没有 security.provider.10=org.bouncycastle.jce.provider.BouncyCastleProvider 这样的配置。我怀疑我们服务器上面有这个 bcprov-jdkxxx-xxx.jar 包,是我前任同事为了解决别的问题放上去的。然后有了这个 bcprov-jdkxxx-xxx.jar 包之后就会触发证书验证。其实没有这个 bcprov-jdkxxx-xxx.jar 包直接调 https 接口应该也不会报错。有了 bcprov-jdkxxx-xxx.jar 包刚好触发了 https 证书验证,但是服务器上这个 bcprov-jdkxxx-xxx.jar 包又不敢贸然删除,删了之后要大面积测试的。应该跟-DUseSunHttpHandler=true 这个 JVM 参数也有关系。等我晚上下班测试一下。
    关于   ·   帮助文档   ·   博客   ·   API   ·   FAQ   ·   实用小工具   ·   2727 人在线   最高记录 6679   ·     Select Language
    创意工作者们的社区
    World is powered by solitude
    VERSION: 3.9.8.5 · 24ms · UTC 14:33 · PVG 22:33 · LAX 06:33 · JFK 09:33
    Developed with CodeLauncher
    ♥ Do have faith in what you're doing.