如何获得与 Java 在此异常中获得的主机名相同的主机名
How to get the same hostname that Java gets in this exception
下面是 Java 在检查密钥库中存储的证书的主机名时抛出的异常。我相信它正在检查 JKS 格式的密钥库。我想编写一个非常简单的 Java 程序来获取主机名,因为 Java 在此异常中获取主机名。
What line of code would get the hostname in Java so it's equivelant to this exception?
具体异常:
com.sun.jersey.api.client.ClientHandlerException:
javax.net.ssl.SSLHandshakeException:
java.security.cert.CertificateException: No name matching
shr-test.hosp.org found :
com.sun.jersey.api.client.ClientHandlerException:
javax.net.ssl.SSLHandshakeException:
java.security.cert.CertificateException: No name matching
shr-test.hosp.org found at
com.sun.jersey.client.urlconnection.URLConnectionClientHandler.handle(URLConnectionClientHandler.java:155)
at com.sun.jersey.api.client.Client.handle(Client.java:652) at
com.sun.jersey.api.client.WebResource.handle(WebResource.java:682) at
com.sun.jersey.api.client.WebResource.access0(WebResource.java:74)
at
com.sun.jersey.api.client.WebResource$Builder.post(WebResource.java:560)
at net.shrine.client.JerseyHttpClient.post(JerseyHttpClient.scala:63)
at net.shrine.client.Poster.post(Poster.scala:10) at
net.shrine.adapter.client.RemoteAdapterClient$$anonfun$query$$anonfun$apply.apply(RemoteAdapterClient.scala:56)
at
net.shrine.adapter.client.RemoteAdapterClient$$anonfun$query$$anonfun$apply.apply(RemoteAdapterClient.scala:54)
at
scala.concurrent.impl.ExecutionContextImpl$DefaultThreadFactory$$anon$$anon.block(ExecutionContextImpl.scala:48)
at
scala.concurrent.forkjoin.ForkJoinPool.managedBlock(ForkJoinPool.java:3640)
at
scala.concurrent.impl.ExecutionContextImpl$DefaultThreadFactory$$anon.blockOn(ExecutionContextImpl.scala:45)
at scala.concurrent.package$.blocking(package.scala:54) at
net.shrine.adapter.client.RemoteAdapterClient$$anonfun$query.apply(RemoteAdapterClient.scala:54)
at
net.shrine.adapter.client.RemoteAdapterClient$$anonfun$query.apply(RemoteAdapterClient.scala:54)
at
scala.concurrent.impl.Future$PromiseCompletingRunnable.liftedTree1(Future.scala:24)
at
scala.concurrent.impl.Future$PromiseCompletingRunnable.run(Future.scala:24)
at
scala.concurrent.impl.ExecutionContextImpl$AdaptedForkJoinTask.exec(ExecutionContextImpl.scala:121)
at
scala.concurrent.forkjoin.ForkJoinTask.doExec(ForkJoinTask.java:260)
at
scala.concurrent.forkjoin.ForkJoinPool$WorkQueue.runTask(ForkJoinPool.java:1339)
at
scala.concurrent.forkjoin.ForkJoinPool.runWorker(ForkJoinPool.java:1979)
at
scala.concurrent.forkjoin.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:107)
Caused by: javax.net.ssl.SSLHandshakeException:
java.security.cert.CertificateException: No name matching
shr-test.hosp.org found at
sun.security.ssl.Alerts.getSSLException(Alerts.java:192) at
sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1884) at
sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276) at
sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270) at
sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1341)
at
sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:153)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868) at
sun.security.ssl.Handshaker.process_record(Handshaker.java:804) at
sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016) at
sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312)
at
sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339)
at
sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323)
at
sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)
at
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at
sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1091)
at
sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250)
at
com.sun.jersey.client.urlconnection.URLConnectionClientHandler.getOutputStream(URLConnectionClientHandler.java:238)
at
com.sun.jersey.api.client.CommittingOutputStream.commitStream(CommittingOutputStream.java:117)
at
com.sun.jersey.api.client.CommittingOutputStream.write(CommittingOutputStream.java:89)
at sun.nio.cs.StreamEncoder.writeBytes(StreamEncoder.java:221) at
sun.nio.cs.StreamEncoder.implFlushBuffer(StreamEncoder.java:291) at
sun.nio.cs.StreamEncoder.implFlush(StreamEncoder.java:295) at
sun.nio.cs.StreamEncoder.flush(StreamEncoder.java:141) at
java.io.OutputStreamWriter.flush(OutputStreamWriter.java:229) at
java.io.BufferedWriter.flush(BufferedWriter.java:254) at
com.sun.jersey.core.util.ReaderWriter.writeToAsString(ReaderWriter.java:191)
at
com.sun.jersey.core.provider.AbstractMessageReaderWriterProvider.writeToAsString(AbstractMessageReaderWriterProvider.java:128)
at
com.sun.jersey.core.impl.provider.entity.StringProvider.writeTo(StringProvider.java:88)
at
com.sun.jersey.core.impl.provider.entity.StringProvider.writeTo(StringProvider.java:58)
at
com.sun.jersey.api.client.RequestWriter.writeRequestEntity(RequestWriter.java:300)
at
com.sun.jersey.client.urlconnection.URLConnectionClientHandler._invoke(URLConnectionClientHandler.java:217)
at
com.sun.jersey.client.urlconnection.URLConnectionClientHandler.handle(URLConnectionClientHandler.java:153)
... 21 more Caused by: java.security.cert.CertificateException: No
name matching shr-test.hosp.org found at
sun.security.util.HostnameChecker.matchDNS(HostnameChecker.java:208)
at sun.security.util.HostnameChecker.match(HostnameChecker.java:93) at
sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:347)
at
sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:203)
at
sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126)
at
sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1323)
... 48 more
我问的原因是因为我的操作系统有两个不同的主机名值。系统主机名和 VServer 主机名。我能够使用配置层次结构来控制系统主机名。他们实际上是不同的。为了使证书与 Java 所看到的相匹配,我需要避免此异常并使它们匹配。
参考这个问题:
https://serverfault.com/questions/793689/getting-hostname-on-centos-6-6-from-command-line
还有这个……
https://serverfault.com/questions/793689/getting-hostname-on-centos-6-6-from-command-line
我在 CN(通用名称)字段中输入了我的名字。因此,当它执行 JKS 密钥库查找时,它找到了 "MacGyver" 而不是 CNAME。
根本原因是在创建非第三方(也称为使用自定义 CA 的自签名 SSL 证书)密钥库时出现软件错误。其中一个提示询问 "What is your first and last name?",当它 应该 询问 "What is the Common Name of the certificate?" 完成时,你 运行 keystore 上的 keytool -list 命令,该值被放入 "CN" 字段。请参阅下面输入的错误值,并在完成后注意 "CN" 值。小心这个。
keytool -genkey -keyalg RSA -alias shrine-snow -keystore shrine.keystore -storepass XXXXX! -validity 360 -keysize 2048
What is your first and last name?
[Unknown]: Angus MacGyver
What is the name of your organizational unit?
[Unknown]: Criminal Investigation
What is the name of your organization?
[Unknown]: Phoenix Foundation
What is the name of your City or Locality?
[Unknown]: Madison
What is the name of your State or Province?
[Unknown]: Wisconsin
What is the two-letter country code for this unit?
[Unknown]: US
Is CN=Angus MacGyver, OU=Criminal Investigation, O=Phoenix Foundation, L=Madison, ST=Wisconsin, C=US correct?
[no]: yes
Enter key password for <selfsigned>
(RETURN if same as keystore password):XXXXX!
Re-enter new password:XXXXX!
您可以使用以下方法查看商店的内容:
keytool -v -list -keystore shrine.keystore
下面是 Java 在检查密钥库中存储的证书的主机名时抛出的异常。我相信它正在检查 JKS 格式的密钥库。我想编写一个非常简单的 Java 程序来获取主机名,因为 Java 在此异常中获取主机名。
What line of code would get the hostname in Java so it's equivelant to this exception?
具体异常:
com.sun.jersey.api.client.ClientHandlerException: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No name matching shr-test.hosp.org found : com.sun.jersey.api.client.ClientHandlerException: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No name matching shr-test.hosp.org found at com.sun.jersey.client.urlconnection.URLConnectionClientHandler.handle(URLConnectionClientHandler.java:155) at com.sun.jersey.api.client.Client.handle(Client.java:652) at com.sun.jersey.api.client.WebResource.handle(WebResource.java:682) at com.sun.jersey.api.client.WebResource.access0(WebResource.java:74) at com.sun.jersey.api.client.WebResource$Builder.post(WebResource.java:560) at net.shrine.client.JerseyHttpClient.post(JerseyHttpClient.scala:63) at net.shrine.client.Poster.post(Poster.scala:10) at net.shrine.adapter.client.RemoteAdapterClient$$anonfun$query$$anonfun$apply.apply(RemoteAdapterClient.scala:56) at net.shrine.adapter.client.RemoteAdapterClient$$anonfun$query$$anonfun$apply.apply(RemoteAdapterClient.scala:54) at scala.concurrent.impl.ExecutionContextImpl$DefaultThreadFactory$$anon$$anon.block(ExecutionContextImpl.scala:48) at scala.concurrent.forkjoin.ForkJoinPool.managedBlock(ForkJoinPool.java:3640) at scala.concurrent.impl.ExecutionContextImpl$DefaultThreadFactory$$anon.blockOn(ExecutionContextImpl.scala:45) at scala.concurrent.package$.blocking(package.scala:54) at net.shrine.adapter.client.RemoteAdapterClient$$anonfun$query.apply(RemoteAdapterClient.scala:54) at net.shrine.adapter.client.RemoteAdapterClient$$anonfun$query.apply(RemoteAdapterClient.scala:54) at scala.concurrent.impl.Future$PromiseCompletingRunnable.liftedTree1(Future.scala:24) at scala.concurrent.impl.Future$PromiseCompletingRunnable.run(Future.scala:24) at scala.concurrent.impl.ExecutionContextImpl$AdaptedForkJoinTask.exec(ExecutionContextImpl.scala:121) at scala.concurrent.forkjoin.ForkJoinTask.doExec(ForkJoinTask.java:260) at scala.concurrent.forkjoin.ForkJoinPool$WorkQueue.runTask(ForkJoinPool.java:1339) at scala.concurrent.forkjoin.ForkJoinPool.runWorker(ForkJoinPool.java:1979) at scala.concurrent.forkjoin.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:107) Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No name matching shr-test.hosp.org found at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1884) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270) at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1341) at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:153) at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868) at sun.security.ssl.Handshaker.process_record(Handshaker.java:804) at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312) at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339) at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323) at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563) at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1091) at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250) at com.sun.jersey.client.urlconnection.URLConnectionClientHandler.getOutputStream(URLConnectionClientHandler.java:238) at com.sun.jersey.api.client.CommittingOutputStream.commitStream(CommittingOutputStream.java:117) at com.sun.jersey.api.client.CommittingOutputStream.write(CommittingOutputStream.java:89) at sun.nio.cs.StreamEncoder.writeBytes(StreamEncoder.java:221) at sun.nio.cs.StreamEncoder.implFlushBuffer(StreamEncoder.java:291) at sun.nio.cs.StreamEncoder.implFlush(StreamEncoder.java:295) at sun.nio.cs.StreamEncoder.flush(StreamEncoder.java:141) at java.io.OutputStreamWriter.flush(OutputStreamWriter.java:229) at java.io.BufferedWriter.flush(BufferedWriter.java:254) at com.sun.jersey.core.util.ReaderWriter.writeToAsString(ReaderWriter.java:191) at com.sun.jersey.core.provider.AbstractMessageReaderWriterProvider.writeToAsString(AbstractMessageReaderWriterProvider.java:128) at com.sun.jersey.core.impl.provider.entity.StringProvider.writeTo(StringProvider.java:88) at com.sun.jersey.core.impl.provider.entity.StringProvider.writeTo(StringProvider.java:58) at com.sun.jersey.api.client.RequestWriter.writeRequestEntity(RequestWriter.java:300) at com.sun.jersey.client.urlconnection.URLConnectionClientHandler._invoke(URLConnectionClientHandler.java:217) at com.sun.jersey.client.urlconnection.URLConnectionClientHandler.handle(URLConnectionClientHandler.java:153) ... 21 more Caused by: java.security.cert.CertificateException: No name matching shr-test.hosp.org found at sun.security.util.HostnameChecker.matchDNS(HostnameChecker.java:208) at sun.security.util.HostnameChecker.match(HostnameChecker.java:93) at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:347) at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:203) at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126) at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1323) ... 48 more
我问的原因是因为我的操作系统有两个不同的主机名值。系统主机名和 VServer 主机名。我能够使用配置层次结构来控制系统主机名。他们实际上是不同的。为了使证书与 Java 所看到的相匹配,我需要避免此异常并使它们匹配。
参考这个问题:
https://serverfault.com/questions/793689/getting-hostname-on-centos-6-6-from-command-line
还有这个……
https://serverfault.com/questions/793689/getting-hostname-on-centos-6-6-from-command-line
我在 CN(通用名称)字段中输入了我的名字。因此,当它执行 JKS 密钥库查找时,它找到了 "MacGyver" 而不是 CNAME。
根本原因是在创建非第三方(也称为使用自定义 CA 的自签名 SSL 证书)密钥库时出现软件错误。其中一个提示询问 "What is your first and last name?",当它 应该 询问 "What is the Common Name of the certificate?" 完成时,你 运行 keystore 上的 keytool -list 命令,该值被放入 "CN" 字段。请参阅下面输入的错误值,并在完成后注意 "CN" 值。小心这个。
keytool -genkey -keyalg RSA -alias shrine-snow -keystore shrine.keystore -storepass XXXXX! -validity 360 -keysize 2048
What is your first and last name?
[Unknown]: Angus MacGyver
What is the name of your organizational unit?
[Unknown]: Criminal Investigation
What is the name of your organization?
[Unknown]: Phoenix Foundation
What is the name of your City or Locality?
[Unknown]: Madison
What is the name of your State or Province?
[Unknown]: Wisconsin
What is the two-letter country code for this unit?
[Unknown]: US
Is CN=Angus MacGyver, OU=Criminal Investigation, O=Phoenix Foundation, L=Madison, ST=Wisconsin, C=US correct?
[no]: yes
Enter key password for <selfsigned>
(RETURN if same as keystore password):XXXXX!
Re-enter new password:XXXXX!
您可以使用以下方法查看商店的内容:
keytool -v -list -keystore shrine.keystore