javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated

語言: CN / TW / HK
時間 2021-08-16 10:01:26
主題:

記錄一個生產環境遇到的問題,java呼叫https請求異常:

javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
	at com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:352)
	at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:126)
	at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:437)
	at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:180)
	at org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:294)
	at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:643)
	at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:479)
	at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:906)
	at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:805)
	at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:784)
	at com.springairlines.imonitor.monitorTask.HttpsIMonitorTask.httpsGetRequest(Unknown Source)
	at com.springairlines.imonitor.monitorTask.HttpsIMonitorTask.run(Unknown Source)
	at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
	at java.lang.Thread.run(Thread.java:662)

請求程式碼如下:

HttpPost httpPost = new HttpPost(iURL);
SSLClient httpclient = new SSLClient();
httpPost.getParams().setParameter(CoreConnectionPNames.CONNECTION_TIMEOUT,defaultConnectTime);
httpPost.getParams().setParameter(CoreConnectionPNames.SO_TIMEOUT,socketTime);

httpPost.setHeader("Cache-Control", "no-cache");
httpPost.setHeader("Charset","UTF-8");
httpPost.setHeader("User-Agent", "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.85 Safari/537.36");
httpPost.setHeader("Content-Type", "application/json;charset=UTF-8");
httpPost.setEntity(jsonParam);
HttpResponse response = httpclient.execute(httpPost);
int statuscode = response.getStatusLine().getStatusCode()

解決辦法:

在請求頭中新增: Upgrade-Insecure-Requests: 1

原因:各種解釋一大推,請自行搜尋。