问题原因:
在Java8及高版本以上的版本在源应用程序不信任目标应用程序的证书,因为在源应用程序的JVM信任库中找不到该证书或证书链。也就是目标站点启用了HTTPS 而缺少安全证书时出现的异常
解决方案:
我使用的是忽略证书验证
public class Base64Util {
public static String getBase64FromUrl(String fileUrl) {
InputStream inputStream = null;
byte[] data = null;
ByteArrayOutputStream swapStream = null;
HttpsURLConnection conn = null;
try {
URL url = new URL(fileUrl);
//判断当前文件url是否是https
if (fileUrl.contains("https:")){
//是https
//绕过证书
SSLContext context = createIgnoreVerifySSL();
conn = (HttpsURLConnection) url.openConnection();
conn.setSSLSocketFactory(context.getSocketFactory());
inputStream = conn.getInputStream();
}else {
//当前链接是http
inputStream = url.openConnection().getInputStream();
}
swapStream = new ByteArrayOutputStream();
byte[] buff = new byte[100];
int rc = 0;
while ((rc = inputStream.read(buff, 0, 100)) > 0) {
swapStream.write(buff, 0, rc);
}
data = swapStream.toByteArray();
} catch (Exception e) {
e.printStackTrace();
} finally {
IOUtils.closeQuietly(inputStream);
IOUtils.closeQuietly(swapStream);
}
return new String(Base64.encodeBase64(data));
}
//绕过SSL、TLS证书
public static SSLContext createIgnoreVerifySSL() throws NoSuchAlgorithmException, KeyManagementException {
SSLContext sc = SSLContext.getInstance("TLS");
// 实现一个X509TrustManager接口,用于绕过验证,不用修改里面的方法
X509TrustManager trustManager = new X509TrustManager() {
@Override
public void checkClientTrusted(
java.security.cert.X509Certificate[] paramArrayOfX509Certificate,
String paramString) throws CertificateException {
}
@Override
public void checkServerTrusted(
java.security.cert.X509Certificate[] paramArrayOfX509Certificate,
String paramString) throws CertificateException {
}
@Override
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
};
sc.init(null, new TrustManager[]{trustManager}, null);
return sc;
}
}
