问题
I always get the same error whens try to get a https resource:
org.springframework.web.client.ResourceAccessException: I/O error: No peer certificate; nested exception is javax.net.ssl.SSLPeerUnverifiedException: No peer certificate
I have a self-signed virtual host where my app runs, the app works fine on http but I need https.
Here is my code in android app:
mRestTemplate = new RestTemplate();
mRestTemplate.getMessageConverters().add(new GsonHttpMessageConverter());
mRestTemplate.setRequestFactory(new HttpComponentsClientHttpRequestFactory());
final ResponseObject responseObject = mRestTemplate.postForObject(APP_URL, requestObject, ResponseObject.class);
Update 1
I tried the solution proposed by @nilesh and has not worked.
I tried this solution with the same error
HttpParams params = new BasicHttpParams(); HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1); HttpProtocolParams.setContentCharset(params, HTTP.DEFAULT_CONTENT_CHARSET); HttpProtocolParams.setUseExpectContinue(params, true); SchemeRegistry schReg = new SchemeRegistry(); schReg.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80)); schReg.register(new Scheme("https", SSLSocketFactory.getSocketFactory(), 443)); ClientConnectionManager conMgr = new ThreadSafeClientConnManager(params, schReg); client = DefaultHttpClient(conMgr, params); final HttpComponentsClientHttpRequestFactory factory = new HttpComponentsClientHttpRequestFactory(); factory.setHttpClient(client); mRestTemplate = new RestTemplate(); mRestTemplate.setRequestFactory(factory);I tried this solution without success and the same error
- Grab all required certificates (root and any intermediate CA’s)
- Create a keystore with keytool and the BouncyCastle provider and import the certs
- Load the keystore in your android app and use it for the secured connections Don’t use the standard java.net.ssl.HttpsURLConnection for the secure connection. Use the Apache HttpClient (Version 4 atm) library, which is already built-in in android. It’s built on top of the java connection libraries and is, in my opinion, faster, better modularized and easier to understand.
回答1:
Run the method below before making any Http request using RestTemplate. This works for me.
public void trustSelfSignedSSL() {
try {
SSLContext ctx = SSLContext.getInstance("TLS");
X509TrustManager tm = new X509TrustManager() {
public void checkClientTrusted(X509Certificate[] xcs,
String string) throws CertificateException {
}
public void checkServerTrusted(X509Certificate[] xcs,
String string) throws CertificateException {
}
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
@Override
public void checkClientTrusted(
java.security.cert.X509Certificate[] arg0, String arg1)
throws java.security.cert.CertificateException {
}
@Override
public void checkServerTrusted(
java.security.cert.X509Certificate[] arg0, String arg1)
throws java.security.cert.CertificateException {
}
};
ctx.init(null, new TrustManager[] { tm }, null);
SSLContext.setDefault(ctx);
} catch (Exception ex) {
throw new RuntimeException("Exception occurred ",ex)
}
}
来源:https://stackoverflow.com/questions/18476073/spring-resttemplate-i-o-error-no-peer-certificate