OkHttp报错javax.net.ssl.SSLHandshakeException: Handshake failed

在使用OKHTTP的时候,如果是系统APP就会有ssl证书验证的错误：

 W/System.err: javax.net.ssl.SSLHandshakeException: com.android.org.bouncycastle.jce.exception.ExtCertPathValidatorException: Could not validate certificate: Certificate not valid until Fri Sep 22 00:00:00 GMT+00:00 2017 (compared to Sun Jan 01 02:18:25 GMT+00:00 2017)
 W/System.err: at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:328)
 W/System.err: at okhttp3.internal.connection.RealConnection.connectTls(RealConnection.java:281)
 W/System.err: at okhttp3.internal.connection.RealConnection.establishProtocol(RealConnection.java:251)
 W/System.err: at okhttp3.internal.connection.RealConnection.connect(RealConnection.java:151)
 W/System.err: at okhttp3.internal.connection.StreamAllocation.findConnection(StreamAllocation.java:195)
 W/System.err: at okhttp3.internal.connection.StreamAllocation.findHealthyConnection(StreamAllocation.java:121)
 W/System.err: at okhttp3.internal.connection.StreamAllocation.newStream(StreamAllocation.java:100)
 W/System.err: at okhttp3.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.java:42)
 W/System.err: at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:92)
 W/System.err: at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:67)
 W/System.err: at okhttp3.internal.cache.CacheInterceptor.intercept(CacheInterceptor.java:93)
 W/System.err: at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:92)
 W/System.err: at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:67)
 W/System.err: at okhttp3.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.java:93)
 W/System.err: at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:92)
 W/System.err: at okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.java:120)
 W/System.err: at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:92)
 W/System.err: at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:67)
 W/System.err: at okhttp3.RealCall.getResponseWithInterceptorChain(RealCall.java:185)
 W/System.err: at okhttp3.RealCall.execute(RealCall.java:69)
 W/System.err: at com.trutalk.rollcall.connect.NetConnect.getLoginToken(NetConnect.java:357)
 W/System.err: at com.trutalk.rollcall.activity.LoginActivity$UserLoginTask.login(LoginActivity.java:402)
 W/System.err: at com.trutalk.rollcall.activity.LoginActivity$UserLoginTask.doInBackground(LoginActivity.java:334)
 W/System.err: at com.trutalk.rollcall.activity.LoginActivity$UserLoginTask.doInBackground(LoginActivity.java:316)
 W/System.err: at android.os.AsyncTask$2.call(AsyncTask.java:295)
 W/System.err: at java.util.concurrent.FutureTask.run(FutureTask.java:237)
 W/System.err: at android.os.AsyncTask$SerialExecutor$1.run(AsyncTask.java:234)
 W/System.err: at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1113)
 W/System.err: at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:588)
 W/System.err: at java.lang.Thread.run(Thread.java:818)
 W/System.err: Caused by: java.security.cert.CertificateException: com.android.org.bouncycastle.jce.exception.ExtCertPathValidatorException: Could not validate certificate: Certificate not valid until Fri Sep 22 00:00:00 GMT+00:00 2017 (compared to Sun Jan 01 02:18:25 GMT+00:00 2017)
 W/System.err: at com.android.org.conscrypt.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:350)
 W/System.err: at com.android.org.conscrypt.TrustManagerImpl.checkServerTrusted(TrustManagerImpl.java:225)
 W/System.err: at com.android.org.conscrypt.Platform.checkServerTrusted(Platform.java:115)
 W/System.err: at com.android.org.conscrypt.OpenSSLSocketImpl.verifyCertificateChain(OpenSSLSocketImpl.java:556)
 W/System.err: at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
 W/System.err: at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:324)
 W/System.err: ... 29 more
 W/System.err: Caused by: com.android.org.bouncycastle.jce.exception.ExtCertPathValidatorException: Could not validate certificate: Certificate not valid until Fri Sep 22 00:00:00 GMT+00:00 2017 (compared to Sun Jan 01 02:18:25 GMT+00:00 2017)
 W/System.err: at com.android.org.bouncycastle.jce.provider.RFC3280CertPathUtilities.processCertA(RFC3280CertPathUtilities.java:1523)
 W/System.err: at com.android.org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi.engineValidate(PKIXCertPathValidatorSpi.java:341)
 W/System.err: at java.security.cert.CertPathValidator.validate(CertPathValidator.java:191)
 W/System.err: at com.android.org.conscrypt.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:337)
 W/System.err: ... 34 more
 W/System.err: Caused by: java.security.cert.CertificateNotYetValidException: Certificate not valid until Fri Sep 22 00:00:00 GMT+00:00 2017 (compared to Sun Jan 01 02:18:25 GMT+00:00 2017)
 W/System.err: at com.android.org.conscrypt.OpenSSLX509Certificate.checkValidity(OpenSSLX509Certificate.java:229)
 W/System.err: at com.android.org.bouncycastle.jce.provider.RFC3280CertPathUtilities.processCertA(RFC3280CertPathUtilities.java:1514)
 W/System.err: ... 37 more

是javax.net.ssl.SSLHandshakeException的问题，是服务器端使用了未被信任的证书，一种简单快速的解决方案。临时解决办法如下，这是一种https不安全的解决方案：

修改OkHttpClient mOkHttpClient = new OkHttpClient();

OkHttpClient mOkHttpClient = getUnsafeOkHttpClient();

private static OkHttpClient getUnsafeOkHttpClient() {
        try {
            // Create a trust manager that does not validate certificate chains
            final TrustManager[] trustAllCerts = new TrustManager[] {
                    new X509TrustManager() {
                        @Override
                        public void checkClientTrusted(java.security.cert.X509Certificate[] chain, String authType) throws CertificateException {
                        }

                        @Override
                        public void checkServerTrusted(java.security.cert.X509Certificate[] chain, String authType) throws CertificateException {
                        }

                        @Override
                        public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                            return new java.security.cert.X509Certificate[]{};
                        }
                    }
            };

            // Install the all-trusting trust manager
            final SSLContext sslContext = SSLContext.getInstance("SSL");
            sslContext.init(null, trustAllCerts, new java.security.SecureRandom());
            // Create an ssl socket factory with our all-trusting manager
            final SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();

            OkHttpClient.Builder builder = new OkHttpClient.Builder();
            builder.sslSocketFactory(sslSocketFactory);
            builder.hostnameVerifier(new HostnameVerifier() {
                @Override
                public boolean verify(String hostname, SSLSession session) {
                    return true;
                }
            });

            OkHttpClient okHttpClient = builder.build();
            return okHttpClient;
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

OkHttp报错javax.net.ssl.SSLHandshakeException: Handshake failed

OkHttp报错javax.net.ssl.SSLHandshakeException: Handshake failed

results matching ""

No results matching ""