JDK安全證書一個錯誤訊息 No subject alternative names present
我使用Java消費某網站一個Restful API時,遇到這個錯誤:
21:31:16.383 [main] DEBUG org.springframework.web.client.RestTemplate - Created GET request for " https://127.0.0.1:5031/commerce/product"
21:31:16.388 [main] DEBUG org.springframework.web.client.RestTemplate - Setting request Accept header to [text/plain, application/json, application/*+json, /]
Exception in thread "main" org.springframework.web.client.ResourceAccessException: I/O error on GET request for " https://127.0.0.1:5031/commerce/product": java.security.cert.CertificateException: No subject alternative names present; nested exception is javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names present
at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:673)
at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:620)
at org.springframework.web.client.RestTemplate.getForEntity(RestTemplate.java:319)
at com.sap.prolikeService.service.impl.CommerceProductService.getProductDetailByID(CommerceProductService.java:23)
at com.sap.prolikeService.sandbox.SandboxTest.getProductDetailTest(SandboxTest.java:45)
at com.sap.prolikeService.sandbox.SandboxTest.main(SandboxTest.java:49)
Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names present
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1506)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:914)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:153)
at org.springframework.http.client.SimpleBufferingClientHttpRequest.executeInternal(SimpleBufferingClientHttpRequest.java:78)
at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48)
at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:53)
at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:659)
... 5 more
Caused by: java.security.cert.CertificateException: No subject alternative names present
at sun.security.util.HostnameChecker.matchIP(HostnameChecker.java:144)
at sun.security.util.HostnameChecker.match(HostnameChecker.java:93)
at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:455)
at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:436)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:200)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1488)
... 19 more
錯誤的核心就一句:No subject alternative names present
解決方案:重新生成證照,將缺失的IP地址包含在證照的extension部分即可。命令列如下:
keytool -genkey -alias tomcat2 -keyalg RSA -keystore ./jerry2.keystore -ext SAN=dns:test.abc.com,ip:127.0.0.1
證照生成後,在Subject Alternative names區域能看到IP地址:
之後原始的錯誤就消失了:
要獲取更多Jerry的原創文章,請關注公眾號"汪子熙":
來自 “ ITPUB部落格 ” ,連結:http://blog.itpub.net/24475491/viewspace-2668581/,如需轉載,請註明出處,否則將追究法律責任。
相關文章
- SSL - SSLHandshakeException: No subject alternative names presentException
- 【java細節】Java程式碼忽略https證照:No subject alternative names presentJavaHTTP
- SSL - SSLHandshakeException: No subject alternative names matching IP address foundException
- Laravel 的 Validation 檢索驗證錯誤訊息Laravel
- SAP錯誤訊息除錯之七種武器:讓所有的錯誤訊息都能被定位除錯
- 網頁證書錯誤怎麼回事 證書錯誤的解決辦法網頁
- Angular No provider for EffectsRootModule錯誤訊息AngularIDE
- Angular 伺服器端渲染應用的一個錯誤訊息 - localStorage is not definedAngular伺服器
- WCF分散式安全開發實踐(12):訊息安全模式之自定義X509證書驗證分散式模式
- Go 語言的錯誤訊息處理Go
- SSL證書是一個域名一個證書嗎?多個域名能用一張SSL證書嗎?
- 錯誤訊息sales area is not assigned for the header productHeader
- 如何處理錯誤訊息PleaseinstalltheLinuxkernelheaderfilesLinuxHeader
- Laravel 5.5 Validator 自定義錯誤返回訊息Laravel
- Angular 錯誤訊息:ERROR Error NullInjectorError No provider for XXAngularErrorNullIDE
- mysql 一個錯誤MySql
- “tar: Removing leading `/’ from member names”的錯誤REM
- 一聲嘆息,jdk竟然有4個randomJDKrandom
- iPhone14:一個好訊息,一個壞訊息!果粉:習慣了“擠牙膏”iPhone
- Java安全——訊息摘要Java
- 使用 Spring Boot 提供API錯誤訊息的好方式Spring BootAPI
- 如何根據 SAP UI5 框架程式碼丟擲的錯誤訊息,反查出是哪一行程式碼引起的錯誤訊息試讀版UI框架行程
- SAP OData 服務在 gateway 層出錯,應該如何處理?通過一個錯誤訊息來舉例說明Gateway
- 微信開發中的訊息驗證與訊息回覆
- 大多數 SSL 證書籤發錯誤的主要原因是軟體錯誤
- 解決IE上登陸oracle OEM時報:“證書錯誤,導航已阻止”的錯誤Oracle
- SSL證書7大常見錯誤及解決方法!
- IE 瀏覽器證書錯誤常見問題解答瀏覽器
- cypress 的錯誤訊息 - the element has become detached or removed from the domREM
- 如何處理錯誤訊息Please install the gcc make perl packagesGCPackage
- Storm保證訊息處理ORM
- MAC 碼(訊息認證碼)Mac
- 程式碼安全測試第二十六期:透過錯誤訊息導致的資訊暴露
- 使用Keytool為JDK新增證書JDK
- 使用 acme 指令碼給專案新增 https 證書排查錯誤一例ACM指令碼HTTP
- 訊息佇列之如何保證訊息的可靠傳輸佇列
- 訊息佇列-如何保證訊息的不被重複消費(如何保證訊息消費的冪等性)佇列
- ca證書怎樣理解?與恆訊科技的ssl證書一樣嗎?