okhttp - HTTP FAILED: javax.net.ssl.SSLPeerUnverifiedException: 未能找到签署证书的可信证书:

【问题标题】:okhttp - HTTP FAILED: javax.net.ssl.SSLPeerUnverifiedException: Failed to find a trusted cert that signed Certificate:okhttp - HTTP FAILED: javax.net.ssl.SSLPeerUnverifiedException: 未能找到签署证书的可信证书:
【发布时间】:2021-01-27 22:42:06
【问题描述】:

您好,我在调用特定的Rest 端点时遇到此异常,但我被困在javax.net.ssl.SSLPeerUnverifiedException,我仅在 api 级别 21 (Android 5.0) 中遇到此异常。

我们还在我们的应用中为 http 客户端添加了一个自定义信任管理器

fun OkHttpClient.Builder.ignoreAllSSLErrors(): OkHttpClient.Builder {
    val naiveTrustManager = object : X509TrustManager {
        override fun getAcceptedIssuers(): Array<X509Certificate> = arrayOf()
        override fun checkClientTrusted(certs: Array<X509Certificate>, authType: String) = Unit
        override fun checkServerTrusted(certs: Array<X509Certificate>, authType: String) = Unit
    }

    val insecureSocketFactory = SSLContext.getInstance("TLSv1.2").apply {
        val trustAllCerts = arrayOf<TrustManager>(naiveTrustManager)
        init(null, trustAllCerts, SecureRandom())
    }.socketFactory

    sslSocketFactory(insecureSocketFactory, naiveTrustManager)
    hostnameVerifier(HostnameVerifier { _, _ -> true })
    return this
}

这是异常的stackTrace:

D/OkHttp: <-- HTTP FAILED: javax.net.ssl.SSLPeerUnverifiedException: Failed to find a trusted cert that signed Certificate:
        Data:
            Version: 3 (0x2)
            Serial Number:
                13:ea:28:70:5b:f4:ec:ed:0c:36:63:09:80:61:43:36
        Signature Algorithm: sha384WithRSAEncryption
            Issuer: C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
            Validity
                Not Before: May 30 10:48:38 2000 GMT
                Not After : May 30 10:48:38 2020 GMT
            Subject: C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority

如果需要,我可以添加更多详细信息,谢谢

【问题讨论】:

    标签: android rest ssl okhttp


    【解决方案1】:

    这是因为旧设备上的 CA 证书已过期。见How to trust SSL certificates with cross-signed root expired on android <= 5

    但不清楚为什么您的不安全设置不起作用。你还没有提供可用的复制品,所以除了猜测之外很难做更多的事情。

    【讨论】:

      猜你喜欢
      • 2018-09-28
      • 2019-06-18
      • 2016-01-09
      • 1970-01-01
      • 2015-11-25
      • 1970-01-01
      • 1970-01-01
      • 2012-10-31
      • 2016-09-28
      相关资源
      最近更新 更多
      热门标签
      Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode