Backend DevelopmentC#.Net TutorialException when httpclient sends data to HTTPS to establish SSL connectionException when httpclient sends data to HTTPS to establish SSL connection
The exception information is as follows:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Cause: The server's certificate is not trusted. This is generally caused.
Use the KEYTOOL tool to create a certificate, and then start it with TOMCAT. When you open the website in the browser, a prompt that the certificate is not trusted will appear. Of course, when HTTPCLIENT is used to send data to the server HTTPS, HTTPCLIENT will also detect whether the server's certificate is trusted. If it is not trusted, the above exception will be thrown.
There are two solutions. One is to make the certificate trusted by the client. The other is to use HTTPCLIENT to send data without checking whether the server certificate is trusted.
The first method is to make the certificate trusted.
Find a formal CA to issue a certificate, or issue the certificate yourself (it can only be trusted on that client). I won’t talk about finding a formal CA to issue a certificate. For how to issue a certificate yourself, see my other articles.
I found that after I completed the certificate signed by myself, when I opened the server address from the client, the above error was no longer prompted, but I still could not send data. what is the reason? Because the certificate is trusted on the client operating system, but not trusted in JAVA's KEYSTORE, you need to import the server's certificate into the KEYSTORE library
Import method:
Open the command line window and go to
keytool -import -noprompt -keystore cacerts -storepass changeit -alias yourEntry1 -file your.cer
The last one is the certificate exported by the server, and the others can be defaulted.
It should be noted that if there are many JAVA versions installed on the client computer, make sure that the JAVA version of the certificate you import is the one used by your TOMCAT. Generally, TOMCAT uses the JAVA version pointed to by the environment variable.
If it is a TOMCAT server created in ECLIPSE, you will be asked to choose the default JRE or the pointed JAVA when creating a new one. You must choose the path pointing to the JAVA you just imported. Otherwise, the certificate library you imported will have no effect.
The second method is not to check whether the server certificate is trustworthy when using HTTPCLIENT
Extend the HttpClient class to automatically accept the certificate
Because this method automatically receives all certificates, there are certain security issues. So please carefully consider the security requirements of your system before using this method. The specific steps are as follows:
• Provide a custom socket factory (test.MySecureProtocolSocketFactory). This custom class must implement the interface org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory and call the custom X509TrustManager (test.MyX509TrustManager) in the class that implements the interface. These two classes can be obtained in the attachment attached to this article.
•Create an instance of org.apache.commons.httpclient.protocol.Protocol, specify the protocol name and default port number
Protocol myhttps = new Protocol("https", new MySecureProtocolSocketFactory (), 443);
•Register the https protocol object just created
Protocol.registerProtocol("https ", myhttps);
•Then open the https target address in the normal programming way, the code is as follows:
MySecureProtocolSocketFactory.java
import java.io.IOException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.net.SocketAddress;
import java.net.UnknownHostException;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.SocketFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.apache.commons.httpclient.ConnectTimeoutException;
import org.apache.commons.httpclient.params.HttpConnectionParams;
import org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory;
public class MySecureProtocolSocketFactory implements SecureProtocolSocketFactory {
private SSLContext sslcontext = null;
private SSLContext createSSLContext() {
SSLContext sslcontext=null;
try {
sslcontext = SSLContext.getInstance("SSL");
sslcontext.init(null, new TrustManager[]{new TrustAnyTrustManager()}, new java.security.SecureRandom());
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (KeyManagementException e) {
e.printStackTrace();
}
return sslcontext;
}
private SSLContext getSSLContext() {
if (this.sslcontext == null) {
this.sslcontext = createSSLContext();
}
return this.sslcontext;
}
public Socket createSocket(Socket socket, String host, int port, boolean autoClose)
throws IOException, UnknownHostException {
return getSSLContext().getSocketFactory().createSocket(
socket,
host,
port,
autoClose
);
}
public Socket createSocket(String host, int port) throws IOException,
UnknownHostException {
return getSSLContext().getSocketFactory().createSocket(
host,
port
);
}
public Socket createSocket(String host, int port, InetAddress clientHost, int clientPort)
throws IOException, UnknownHostException {
return getSSLContext().getSocketFactory().createSocket(host, port, clientHost, clientPort);
}
public Socket createSocket(String host, int port, InetAddress localAddress,
int localPort, HttpConnectionParams params) throws IOException,
UnknownHostException, ConnectTimeoutException {
if (params == null) {
throw new IllegalArgumentException("Parameters may not be null");
}
int timeout = params.getConnectionTimeout();
SocketFactory socketfactory = getSSLContext().getSocketFactory();
if (timeout == 0) {
return socketfactory.createSocket(host, port, localAddress, localPort);
} else {
Socket socket = socketfactory.createSocket();
SocketAddress localaddr = new InetSocketAddress(localAddress, localPort);
SocketAddress remoteaddr = new InetSocketAddress(host, port);
socket.bind(localaddr);
socket.connect(remoteaddr, timeout);
return socket;
}
}
//自定义私有类
private static class TrustAnyTrustManager implements X509TrustManager {
public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[]{};
}
}
}
Mastering C# .NET Design Patterns: From Singleton to Dependency InjectionMay 09, 2025 am 12:15 AMDesign patterns in C#.NET include Singleton patterns and dependency injection. 1.Singleton mode ensures that there is only one instance of the class, which is suitable for scenarios where global access points are required, but attention should be paid to thread safety and abuse issues. 2. Dependency injection improves code flexibility and testability by injecting dependencies. It is often used for constructor injection, but it is necessary to avoid excessive use to increase complexity.
C# .NET in the Modern World: Applications and IndustriesMay 08, 2025 am 12:08 AMC#.NET is widely used in the modern world in the fields of game development, financial services, the Internet of Things and cloud computing. 1) In game development, use C# to program through the Unity engine. 2) In the field of financial services, C#.NET is used to develop high-performance trading systems and data analysis tools. 3) In terms of IoT and cloud computing, C#.NET provides support through Azure services to develop device control logic and data processing.
C# .NET Framework vs. .NET Core/5/6: What's the Difference?May 07, 2025 am 12:06 AM.NETFrameworkisWindows-centric,while.NETCore/5/6supportscross-platformdevelopment.1).NETFramework,since2002,isidealforWindowsapplicationsbutlimitedincross-platformcapabilities.2).NETCore,from2016,anditsevolutions(.NET5/6)offerbetterperformance,cross-
The Community of C# .NET Developers: Resources and SupportMay 06, 2025 am 12:11 AMThe C#.NET developer community provides rich resources and support, including: 1. Microsoft's official documents, 2. Community forums such as StackOverflow and Reddit, and 3. Open source projects on GitHub. These resources help developers improve their programming skills from basic learning to advanced applications.
The C# .NET Advantage: Features, Benefits, and Use CasesMay 05, 2025 am 12:01 AMThe advantages of C#.NET include: 1) Language features, such as asynchronous programming simplifies development; 2) Performance and reliability, improving efficiency through JIT compilation and garbage collection mechanisms; 3) Cross-platform support, .NETCore expands application scenarios; 4) A wide range of practical applications, with outstanding performance from the Web to desktop and game development.
Is C# Always Associated with .NET? Exploring AlternativesMay 04, 2025 am 12:06 AMC# is not always tied to .NET. 1) C# can run in the Mono runtime environment and is suitable for Linux and macOS. 2) In the Unity game engine, C# is used for scripting and does not rely on the .NET framework. 3) C# can also be used for embedded system development, such as .NETMicroFramework.
The .NET Ecosystem: C#'s Role and BeyondMay 03, 2025 am 12:04 AMC# plays a core role in the .NET ecosystem and is the preferred language for developers. 1) C# provides efficient and easy-to-use programming methods, combining the advantages of C, C and Java. 2) Execute through .NET runtime (CLR) to ensure efficient cross-platform operation. 3) C# supports basic to advanced usage, such as LINQ and asynchronous programming. 4) Optimization and best practices include using StringBuilder and asynchronous programming to improve performance and maintainability.
C# as a .NET Language: The Foundation of the EcosystemMay 02, 2025 am 12:01 AMC# is a programming language released by Microsoft in 2000, aiming to combine the power of C and the simplicity of Java. 1.C# is a type-safe, object-oriented programming language that supports encapsulation, inheritance and polymorphism. 2. The compilation process of C# converts the code into an intermediate language (IL), and then compiles it into machine code execution in the .NET runtime environment (CLR). 3. The basic usage of C# includes variable declarations, control flows and function definitions, while advanced usages cover asynchronous programming, LINQ and delegates, etc. 4. Common errors include type mismatch and null reference exceptions, which can be debugged through debugger, exception handling and logging. 5. Performance optimization suggestions include the use of LINQ, asynchronous programming, and improving code readability.
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Safe Exam Browser
Safe Exam Browser is a secure browser environment for taking online exams securely. This software turns any computer into a secure workstation. It controls access to any utility and prevents students from using unauthorized resources.
ZendStudio 13.5.1 Mac
Powerful PHP integrated development environment
SecLists
SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.
PhpStorm Mac version
The latest (2018.2.1) professional PHP integrated development tool
MinGW - Minimalist GNU for Windows
This project is in the process of being migrated to osdn.net/projects/mingw, you can continue to follow us there. MinGW: A native Windows port of the GNU Compiler Collection (GCC), freely distributable import libraries and header files for building native Windows applications; includes extensions to the MSVC runtime to support C99 functionality. All MinGW software can run on 64-bit Windows platforms.
