文档建议反馈控制台
首页
学习
活动
专区
圈层
工具
MCP广场
文章/答案/技术大牛
发布
社区首页 >问答首页 >OkHttp SSLPeerUnverifiedException

OkHttp SSLPeerUnverifiedException
EN

Stack Overflow用户
提问于 2016-07-19 15:24:14
回答 1查看 914关注 0票数 2

我在OkHttp 3.3.1中得到了以下异常

代码语言:javascript
复制
javax.net.ssl.SSLPeerUnverifiedException: Hostname xxx not verified:
certificate: xxx
DN:xxx
subjectAltNames: []
at okhttp3.internal.io.RealConnection.connectTls(RealConnection.java:248)
at okhttp3.internal.io.RealConnection.establishProtocol(RealConnection.java:196)
at okhttp3.internal.io.RealConnection.buildConnection(RealConnection.java:171)
at okhttp3.internal.io.RealConnection.connect(RealConnection.java:111)
at okhttp3.internal.http.StreamAllocation.findConnection(StreamAllocation.java:187)
at okhttp3.internal.http.StreamAllocation.findHealthyConnection(StreamAllocation.java:123)
at okhttp3.internal.http.StreamAllocation.newStream(StreamAllocation.java:93)
at okhttp3.internal.http.HttpEngine.connect(HttpEngine.java:296)
at okhttp3.internal.http.HttpEngine.sendRequest(HttpEngine.java:248)
at okhttp3.RealCall.getResponse(RealCall.java:243)
at okhttp3.RealCall$ApplicationInterceptorChain.proceed(RealCall.java:201)
at okhttp3.RealCall.getResponseWithInterceptorChain(RealCall.java:163)
at okhttp3.RealCall.execute(RealCall.java:57)

这是我的代码:

代码语言:javascript
复制
private OkHttpClient getClient() {
    OkHttpClient.Builder builder = new OkHttpClient().newBuilder();
    builder.sslSocketFactory(getPinnedCertSslSocketFactory());
    return lBuilder.build();
  }



  private SSLSocketFactory getPinnedCertSslSocketFactory() {
    try {
      KeyStore trusted = KeyStore.getInstance("BKS");
      File trustStoreFile = new File(...);
      InputStream in = new FileInputStream(trustStoreFile);
      trusted.load(in, TRUSTSTORE_PW.toCharArray());
      SSLContext sslContext = SSLContext.getInstance("TLS");
      TrustManagerFactory trustManagerFactory = TrustManagerFactory
          .getInstance(TrustManagerFactory.getDefaultAlgorithm());
      trustManagerFactory.init(trusted);
      sslContext.init(null, trustManagerFactory.getTrustManagers(), null);
      return sslContext.getSocketFactory();
    } catch (Exception e) {
      LOGGER.error("getPinnedCertSslSocketFactory", e);
    }
    return null;
  }

public void doRequest() {
     OkHttpClient client = getClient();
     Request request = new Request.Builder().url(URL).post(BODY).build();
     client.newCall(request).execute();
}

有什么办法解决这个问题吗?

android
ssl
okhttp3
truststore
EN

回答 1

Stack Overflow用户

发布于 2018-09-25 21:30:37

代码语言:javascript
复制
builder.sslSocketFactory(getPinnedCertSslSocketFactory());

是不够的。

尝试以下代码:

代码语言:javascript
复制
@SuppressLint("BadHostnameVerifier")
private static class TrustAllHostnameVerifier implements HostnameVerifier {
    @Override
    public boolean verify(String hostname, SSLSession session) {
        return true;
    }
}

builder.sslSocketFactory(getPinnedCertSslSocketFactory())
        .hostnameVerifier(new TrustAllHostnameVerifier());
票数 -2
EN
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:

https://stackoverflow.com/questions/38451981

复制
相关文章

相似问题

领券

腾讯云开发者

扫码关注腾讯云开发者

扫码关注腾讯云开发者

领取腾讯云代金券

热门产品

热门推荐

更多推荐

Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有 

深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 粤公网安备44030502008569号

腾讯云计算(北京)有限责任公司 京ICP证150476号 |  京ICP备11018762号

问题归档专栏文章快讯文章归档关键词归档开发者手册归档开发者手册 Section 归档