javax.net.ssl.SSLException: java.lang.UnsupportedOperationException 

 1 Loading KeyStore C:\Tool\jdk1.7.0_71\jre\lib\security\jssecacerts...
 2 Opening connection to www.google.com:443...
 3 Starting SSL handshake...
 4 
 5 javax.net.ssl.SSLException: java.lang.UnsupportedOperationException
 6     at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
 7     at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1884)
 8     at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1842)
 9     at sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1825)
10     at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1346)
11     at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323)
12     at InstallCert.main(InstallCert.java:73)
13 Caused by: java.lang.UnsupportedOperationException
14     at InstallCert$SavingTrustManager.getAcceptedIssuers(InstallCert.java:159)
15     at sun.security.ssl.AbstractTrustManagerWrapper.checkAlgorithmConstraints(SSLContextImpl.java:926)
16     at sun.security.ssl.AbstractTrustManagerWrapper.checkAdditionalTrust(SSLContextImpl.java:872)
17     at sun.security.ssl.AbstractTrustManagerWrapper.checkServerTrusted(SSLContextImpl.java:814)
18     at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1421)
19     at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:209)
20     at sun.security.ssl.Handshaker.processLoop(Handshaker.java:878)
21     at sun.security.ssl.Handshaker.process_record(Handshaker.java:814)
22     at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016)
23     at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312)
24     at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339)
25     ... 2 more
26 
27 Server sent 1 certificate(s):
28 
29  1 Subject CN=www.amazon.com, OU=Cyber, O=Amazon, L=Newark, ST=NY, C=US
30    Issuer  CN=www.amazon.com, OU=Cyber, O=Amazon, L=Newark, ST=NY, C=US
31    sha1    c4 1e 51 d5 ae e6 e5 0b 34 5b 99 24 39 8c df e7 2e 57 77 5d 
32    md5     6d 89 00 ac 2e 72 71 c2 9a 95 7b 6c f2 1d bd 26 
33 
34 Enter certificate to add to trusted keystore or 'q' to quit: [1]
Error Info
  1 import java.io.BufferedReader;
  2 import java.io.File;
  3 import java.io.FileInputStream;
  4 import java.io.FileOutputStream;
  5 import java.io.InputStream;
  6 import java.io.InputStreamReader;
  7 import java.io.OutputStream;
  8 import java.security.KeyStore;
  9 import java.security.MessageDigest;
 10 import java.security.cert.CertificateException;
 11 import java.security.cert.X509Certificate;
 12 
 13 import javax.net.ssl.SSLContext;
 14 import javax.net.ssl.SSLException;
 15 import javax.net.ssl.SSLSocket;
 16 import javax.net.ssl.SSLSocketFactory;
 17 import javax.net.ssl.TrustManager;
 18 import javax.net.ssl.TrustManagerFactory;
 19 import javax.net.ssl.X509TrustManager;
 20 
 21 public class InstallCert {
 22 
 23     public static void main(String[] args) throws Exception {
 24         args[0]="www.google.com";
 25         String host;
 26         int port;
 27         char[] passphrase;
 28         //System.setProperty("javax.net.ssl.trustStore", "C:\\Users\\PL62716\\workspace\\urlAutoConnect\\jssecacerts");
 29         if ((args.length == 1) || (args.length == 2)) {
 30             String[] c = args[0].split(":");
 31             host = c[0];
 32             port = (c.length == 1) ? 443 : Integer.parseInt(c[1]);
 33             String p = (args.length == 1) ? "changeit" : args[1];
 34             passphrase = p.toCharArray();
 35         } else {
 36             System.out
 37                     .println("Usage: java InstallCert <host>[:port] [passphrase]");
 38             return;
 39         }
 40 
 41         File file = new File("jssecacerts");
 42         if (file.isFile() == false) {
 43             char SEP = File.separatorChar;
 44             File dir = new File(System.getProperty("java.home") + SEP + "lib"
 45                     + SEP + "security");
 46             file = new File(dir, "jssecacerts");
 47             if (file.isFile() == false) {
 48                 file = new File(dir, "cacerts");
 49             }
 50         }
 51         System.out.println("Loading KeyStore " + file + "...");
 52         InputStream in = new FileInputStream(file);
 53         KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
 54         ks.load(in, passphrase);
 55         in.close();
 56 
 57         SSLContext context = SSLContext.getInstance("TLS");
 58         TrustManagerFactory tmf = TrustManagerFactory
 59                 .getInstance(TrustManagerFactory.getDefaultAlgorithm());
 60         tmf.init(ks);
 61         X509TrustManager defaultTrustManager = (X509TrustManager) tmf
 62                 .getTrustManagers()[0];
 63         SavingTrustManager tm = new SavingTrustManager(defaultTrustManager);
 64         context.init(null, new TrustManager[] { tm }, null);
 65         SSLSocketFactory factory = context.getSocketFactory();
 66 
 67         System.out
 68                 .println("Opening connection to " + host + ":" + port + "...");
 69         SSLSocket socket = (SSLSocket) factory.createSocket(host, port);
 70         socket.setSoTimeout(10000);
 71         try {
 72             System.out.println("Starting SSL handshake...");
 73             socket.startHandshake();
 74             socket.close();
 75             System.out.println();
 76             System.out.println("No errors, certificate is already trusted");
 77         } catch (SSLException e) {
 78             System.out.println();
 79             e.printStackTrace(System.out);
 80         }
 81 
 82         X509Certificate[] chain = tm.chain;
 83         if (chain == null) {
 84             System.out.println("Could not obtain server certificate chain");
 85             return;
 86         }
 87 
 88         BufferedReader reader = new BufferedReader(new InputStreamReader(
 89                 System.in));
 90 
 91         System.out.println();
 92         System.out.println("Server sent " + chain.length + " certificate(s):");
 93         System.out.println();
 94         MessageDigest sha1 = MessageDigest.getInstance("SHA1");
 95         MessageDigest md5 = MessageDigest.getInstance("MD5");
 96         for (int i = 0; i < chain.length; i++) {
 97             X509Certificate cert = chain[i];
 98             System.out.println(" " + (i + 1) + " Subject "
 99                     + cert.getSubjectDN());
100             System.out.println("   Issuer  " + cert.getIssuerDN());
101             sha1.update(cert.getEncoded());
102             System.out.println("   sha1    " + toHexString(sha1.digest()));
103             md5.update(cert.getEncoded());
104             System.out.println("   md5     " + toHexString(md5.digest()));
105             System.out.println();
106         }
107 
108         System.out
109                 .println("Enter certificate to add to trusted keystore or 'q' to quit: [1]");
110         String line = reader.readLine().trim();
111         int k;
112         try {
113             k = (line.length() == 0) ? 0 : Integer.parseInt(line) - 1;
114         } catch (NumberFormatException e) {
115             System.out.println("KeyStore not changed");
116             return;
117         }
118 
119         X509Certificate cert = chain[k];
120         String alias = host + "-" + (k + 1);
121         ks.setCertificateEntry(alias, cert);
122 
123         OutputStream out = new FileOutputStream("jssecacerts");
124         ks.store(out, passphrase);
125         out.close();
126 
127         System.out.println();
128         System.out.println(cert);
129         System.out.println();
130         System.out
131                 .println("Added certificate to keystore 'jssecacerts' using alias '"
132                         + alias + "'");
133     }
134 
135     private static final char[] HEXDIGITS = "0123456789abcdef".toCharArray();
136 
137     private static String toHexString(byte[] bytes) {
138         StringBuilder sb = new StringBuilder(bytes.length * 3);
139         for (int b : bytes) {
140             b &= 0xff;
141             sb.append(HEXDIGITS[b >> 4]);
142             sb.append(HEXDIGITS[b & 15]);
143             sb.append(' ');
144         }
145         return sb.toString();
146     }
147 
148     private static class SavingTrustManager implements X509TrustManager {
149 
150         private final X509TrustManager tm;
151         private X509Certificate[] chain;
152 
153         SavingTrustManager(X509TrustManager tm) {
154             this.tm = tm;
155         }
156 
157         public X509Certificate[] getAcceptedIssuers() {
158             //return new X509Certificate[0];
159             throw new UnsupportedOperationException();
160         }
161 
162         public void checkClientTrusted(X509Certificate[] chain, String authType)
163                 throws CertificateException {
164             throw new UnsupportedOperationException();
165         }
166 
167         public void checkServerTrusted(X509Certificate[] chain, String authType)
168                 throws CertificateException {
169             this.chain = chain;
170             tm.checkServerTrusted(chain, authType);
171         }
172     }
173 
174 }
Java Code

Resolve method : 

        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
            //throw new UnsupportedOperationException();
        }
Override getAcceptedIssuers Method

Normal log :

Loading KeyStore C:\Tool\jdk1.7.0_71\jre\lib\security\jssecacerts...
Opening connection to www.google.com:443...
Starting SSL handshake...

No errors, certificate is already trusted

Server sent 1 certificate(s):

 1 Subject CN=www.amazon.com, OU=Cyber, O=Amazon, L=Newark, ST=NY, C=US
   Issuer  CN=www.amazon.com, OU=Cyber, O=Amazon, L=Newark, ST=NY, C=US
   sha1    c4 1e 51 d5 ae e6 e5 0b 34 5b 99 24 39 8c df e7 2e 57 77 5d 
   md5     6d 89 00 ac 2e 72 71 c2 9a 95 7b 6c f2 1d bd 26 

Enter certificate to add to trusted keystore or 'q' to quit: [1]
Issue Fixed Log

 

posted @ 2016-09-06 15:28  天天好心情啊  阅读(2110)  评论(0编辑  收藏  举报