javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated issue

问题

I am using HttpClient-4.2.1 and already added certificate on server but still I am getting below error.

I have read existing issue saying to add TrustManager (X509TrustManager) but as per my thinking this is not solution. If I am wrong please correct me.

javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated

javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated

at sun.security.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:397)

at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)

at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:572)

at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:180)

at org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:294)

at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:640)

at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:479)

at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:906)

at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:805)

at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:784)

回答1:

You can use this code. Hope it will solve your issue.

import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
......
private static HttpClient getHttpClient() {

    try {
        SSLContext sslContext = SSLContext.getInstance("SSL");

        sslContext.init(null,
                new TrustManager[]{new X509TrustManager() {
                    public X509Certificate[] getAcceptedIssuers() {

                        return null;
                    }

                    public void checkClientTrusted(
                            X509Certificate[] certs, String authType) {

                    }

                    public void checkServerTrusted(
                            X509Certificate[] certs, String authType) {

                    }
                }}, new SecureRandom());

        SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(sslContext,SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);



        HttpClient httpClient = HttpClientBuilder.create().setSSLSocketFactory(socketFactory).build();

        return httpClient;

    } catch (Exception e) {
        e.printStackTrace();
        return HttpClientBuilder.create().build();
    }
}

The exception will no longer be thrown, when the certification is expired, the browser will issues a warning about an expired certificate and let user confirm.

Resource Link:

1. Exception : javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated

来源：https://stackoverflow.com/questions/37795204/javax-net-ssl-sslpeerunverifiedexception-peer-not-authenticated-issue