最近在調用微信公衆平臺高級羣發接口之一:
https://file.api.weixin.qq.com/cgi-bin/media/uploadvideo?access_token=ACCESS_TOKEN 時,https訪問拋出異常:
javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name
異常中出現關鍵字:unrecognized 未被承認的name。
google之,處理辦法,代碼加入:
//bug fiexd for: javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name
System.setProperty ("jsse.enableSNIExtension", "false");
再次調用該接口,拋出新的異常:
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative DNS name matching file.api.weixin.qq.com found.
繼續處理,代碼加入:
URL url = new URL(requestUrl);
httpUrlConn = (HttpsURLConnection)url.openConnection();
httpUrlConn.setSSLSocketFactory(ssf);
//bug fixed for: java.security.cert.CertificateException: No subject alternative DNS name matching
httpUrlConn.setHostnameVerifier(new CustomizedHostnameVerifier());
其中CustomizedHostnameVerifier類如下:
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLSession;
/**
* HostnameVerifier
* bug fixed : <http://iteches.com/archives/45015>
* @author will_awoke
* @version 2014-8-15
* @see CustomizedHostnameVerifier
* @since
*/
public class CustomizedHostnameVerifier implements HostnameVerifier
{
@Override
public boolean verify(String arg0, SSLSession arg1)
{
return true;
}
}
原因:
and then apply this class to your single SSL connection
HttpsURLConnection connection = (HttpsURLConnection) new URL("
https://url").openConnection();
connection.setHostnameVerifier(new CustomizedHostNameVerifier());
or apply to all SLL connection
HttpsURLConnection.setDefaultHostnameVerifier(new CustomizedHostnameVerifier());
However this method might pose a security risk because basically we don’t verify the hostname anymore. The server may use other website’s certificate and the program will still accept it.
簡而言之:
因爲微信的這個接口是未認證https不安全的,所有需要代碼中需要dont verify。
參考:
http://iteches.com/archives/45015
http://stackoverflow.com/questions/7615645/ssl-handshake-alert-unrecognized-name-error-since-upgrade-to-java-1-7-0