java apache httpclient 4.5.13 SSLPeerUnverifiedException:的证书< foo.s3.amazonaws.com>与任何主题备用名称都不匹配:[]

jv4diomz  于 2023-08-01  发布在  Java
关注(0)|答案(1)|浏览(224)

我已经更改了我的SSLConnectionSocketFactory以使用DefaultHostNameVerifier而不是NoopHostNameVerifier。

  1. final SSLConnectionSocketFactory sslConnectionSocketFactory = new SSLConnectionSocketFactory(sslContext, new String[] { "TLSv1.2" }, null, NoopHostnameVerifier.INSTANCE);
  3. final SSLConnectionSocketFactory sslConnectionSocketFactory = new SSLConnectionSocketFactory(sslContext, new String[] { "TLSv1.2" }, null, new DefaultHostnameVerifier(PublicSuffixMatcherLoader.getDefault()));

字符串
从那时起,我在执行验证时遇到了问题:“https://foo.s3.amazonaws.com/fileName.csv“我得到一个错误:

  1. Certificate for <foo.s3.amazonaws.com> doesn't match any of the subject alternative names:[*.s3.amazonaws.com, s3.amazonaws.com]


你知道是什么问题吗

  • 我使用的是apache httpclient 4.5.13,它只发生在生产环境中(不能在本地复制)。
  1. javax.net.ssl.SSLPeerUnverifiedException: Certificate for <foo.s3.amazonaws.com> doesn't match any of the subject alternative names: [*.s3.amazonaws.com, s3.amazonaws.com]
  2.     at org.apache.http.conn.ssl.SSLConnectionSocketFactory.verifyHostname(SSLConnectionSocketFactory.java:507)
  3.     at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:437)
  4.     at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:384)
  5.     at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142)
  6.     at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:376)
  7.     at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:393)
  8.     at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)
  9.     at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:186)
  10.     at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89)
  11.     at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
  12.     at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185)
  13.     at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83)

Java

1条答案

按热度按时间
abithluo

abithluo1#

这个bug是由athena-jdbc依赖引起的,它在项目的其他地方使用,并且有自己的public-suffix-list。这个函数PublicSuffixMatcherLoader.getDefault()读取athena jdbc的public-suffix-list,而不是apache的http-client。

赞(0)分享  回复(0)举报  2023-08-01
我来回答

相关问题

    查看更多

    热门标签

    更多
    JavaquerypythonNode开发语言requestUtil数据库Table后端算法LoggerMessageElementParser

    最新问答

    更多
    • 蜀ICP备13028337号-1 大数据知识库 https://www.saoniuhuo.com © All rights reserved
    • 本站内容来源互联网,如果侵犯您的权益请联系我们删除, 联系方式:448109455@qq.com