使用okhttp请求第三方https接口返回异常
- sun.security.validator.ValidatorException: PKIX path building failed:
- sun.security.provider.certpath.SunCertPathBuilderException:
- unable to find valid certification path to requested target
意思就是非安全的调用,java不认识这个接口证书。java security仓库中没有这个第三方站点的SSL证书,调用失败。
这里为了简单,我直接忽略ssl证书认证,代码如下
- import okhttp3.ConnectionPool;
- import okhttp3.OkHttpClient;
-
- import java.net.Proxy;
- import java.security.KeyStore;
- import java.security.SecureRandom;
- import java.security.cert.X509Certificate;
- import java.util.Arrays;
- import java.util.concurrent.TimeUnit;
- import javax.net.ssl.*;
-
- /**
- * @author 白**
- * @date 2024-06-12 14:46
- */
- public class OkHttpUtil {
- private static OkHttpClient okHttpClient;
-
- public static ConnectionPool connectionPool = new ConnectionPool(10, 5, TimeUnit.MINUTES);
-
- public static OkHttpClient getInstance() {
- if (okHttpClient == null) { //加同步安全
- synchronized (OkHttpClient.class) {
- if (okHttpClient == null) { //okhttp可以缓存数据....指定缓存路径
- okHttpClient = new OkHttpClient.Builder()//构建器
- .proxy(Proxy.NO_PROXY) //来屏蔽系统代理
- .connectionPool(connectionPool)
- .sslSocketFactory(getSSLSocketFactory(), getX509TrustManager())
- .hostnameVerifier(getHostnameVerifier())
- .connectTimeout(600, TimeUnit.SECONDS)//连接超时
- .writeTimeout(600, TimeUnit.SECONDS)//写入超时
- .readTimeout(600, TimeUnit.SECONDS)//读取超时
- .build();
- okHttpClient.dispatcher().setMaxRequestsPerHost(200);
- okHttpClient.dispatcher().setMaxRequests(200);
- }
- }
- }
- return okHttpClient;
- }
-
- /**
- * description 忽略https证书验证
- */
- private static HostnameVerifier getHostnameVerifier() {
- HostnameVerifier hostnameVerifier = new HostnameVerifier() {
- @Override
- public boolean verify(String s, SSLSession sslSession) {
- return true;
- }
- };
- return hostnameVerifier;
- }
- /**
- * description 忽略https证书验证
- */
- private static SSLSocketFactory getSSLSocketFactory() {
- try {
- SSLContext sslContext = SSLContext.getInstance("SSL");
- sslContext.init(null, getTrustManager(), new SecureRandom());
- return sslContext.getSocketFactory();
- } catch (Exception e) {
- throw new RuntimeException(e);
- }
- }
-
- private static X509TrustManager getX509TrustManager() {
- X509TrustManager trustManager = null;
- try {
- TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
- trustManagerFactory.init((KeyStore) null);
- TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
- if (trustManagers.length != 1 || !(trustManagers[0] instanceof X509TrustManager)) {
- throw new IllegalStateException("Unexpected default trust managers:" + Arrays.toString(trustManagers));
- }
- trustManager = (X509TrustManager) trustManagers[0];
- } catch (Exception e) {
- e.printStackTrace();
- }
-
- return trustManager;
- }
-
- private static TrustManager[] getTrustManager() {
- TrustManager[] trustAllCerts = new TrustManager[]{
- new X509TrustManager() {
- @Override
- public void checkClientTrusted(X509Certificate[] chain, String authType) {
- }
-
- @Override
- public void checkServerTrusted(X509Certificate[] chain, String authType) {
- }
-
- @Override
- public X509Certificate[] getAcceptedIssuers() {
- return new X509Certificate[]{};
- }
- }
- };
- return trustAllCerts;
- }
- }