钉钉开放平台demo调试异常问题解决:hostname in certificate didn't match

时间:2023-03-08 18:09:30

今天研究钉钉的开放平台,结果一个demo整了半天,这帮助系统写的也很难懂。遇到两个问题:

1、首先是执行demo时报unable to find valid certification path to requested target,错误信息如下:

request url=https://oapi.dingtalk.com/gettoken?corpid=...略...&corpsecret=...略..., exception, msg=sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

只不过经研究,按网上的方式将证书导致到信任库中也没用,于是就找了段代码直接跳过

2、但是报下面这个错:

request url=https://oapi.dingtalk.com/get_jsapi_ticket?type=jsapi&access_token=2458f4d239173a12809cc94d1915d3b7,
exception, msg=hostname in certificate didn't match: <oapi.dingtalk.com> != <*.laiwang.com> OR <*.laiwang.com>

具体没空研究,找到下面代码解决:

    private static CloseableHttpClient getHttpClient() {

        RegistryBuilder<ConnectionSocketFactory> registryBuilder = RegistryBuilder.<ConnectionSocketFactory>create();

        ConnectionSocketFactory plainSF = new PlainConnectionSocketFactory();

        registryBuilder.register("http", plainSF);

        //指定信任密钥存储对象和连接套接字工厂

        try {

            KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());

            //信任任何链接

            TrustStrategy anyTrustStrategy = new TrustStrategy() {

                @Override

                public boolean isTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {

                    return true;

                }

            };

            SSLContext sslContext = SSLContexts.custom().useTLS().loadTrustMaterial(trustStore, anyTrustStrategy).build();

            LayeredConnectionSocketFactory sslSF = new SSLConnectionSocketFactory(sslContext, SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);

            registryBuilder.register("https", sslSF);

        } catch (KeyStoreException e) {

            throw new RuntimeException(e);

        } catch (KeyManagementException e) {

            throw new RuntimeException(e);

        } catch (NoSuchAlgorithmException e) {

            throw new RuntimeException(e);

        }

        Registry<ConnectionSocketFactory> registry = registryBuilder.build();

        //设置连接管理器

        PoolingHttpClientConnectionManager connManager = new PoolingHttpClientConnectionManager(registry);

//        connManager.setDefaultConnectionConfig(connConfig);

//        connManager.setDefaultSocketConfig(socketConfig);

        //构建客户端

        return HttpClientBuilder.create().setConnectionManager(connManager).build();

    }

参考:http://blog.****.net/shenyunsese/article/details/41075579