无法创建新的远程会话。主机名 (IP_ADDRESS) 未验证

Unable to create a new remote session. Hostname (IP_ADDRESS) not verified

我在远程服务器上托管了一个 Appium 实例。它能够在旧版本的 Appium 上连接和执行测试,即 java-client 4.1.2,这是很旧的。我试图将我的 Appium java-client 版本升级到 7.3.0,但我一直 运行 遇到错误。现在我在这里阅读了一些关于如何解决这个问题的答案

我还阅读了一些博客文章并创建了一个具有 SAN(主题备用名称)的证书。我已验证 SAN 被正确反映,我在异常下看到它。另一种解决方案是覆盖主机名验证部分,但由于 HTTP URL 连接是通过 Selenium 远程驱动程序依赖项完成的,我也不能这样做。

异常堆栈跟踪

Exception in thread "main" org.openqa.selenium.SessionNotCreatedException: Unable to create a new remote session. Original error: Hostname IP_ADDRESS not verified:
certificate: sha256/qBxa5dCkXQoyg8GE54564120O+oBGYRHFZI8=
DN: CN=IP_ADDRESS, O=org_name, L=location, ST=state, C=country
subjectAltNames: [IP_ADDRESS]

Driver info: driver.version: AndroidDriver
    at io.appium.java_client.remote.AppiumCommandExecutor.createSession(AppiumCommandExecutor.java:208)
    at io.appium.java_client.remote.AppiumCommandExecutor.createSession(AppiumCommandExecutor.java:217)
    at io.appium.java_client.remote.AppiumCommandExecutor.execute(AppiumCommandExecutor.java:239)
    at org.openqa.selenium.remote.RemoteWebDriver.execute(RemoteWebDriver.java:577)
    at org.openqa.selenium.remote.RemoteWebDriver.startSession(RemoteWebDriver.java:211)
    at io.appium.java_client.AppiumDriver.startSession(AppiumDriver.java:336)
    at org.openqa.selenium.remote.RemoteWebDriver.<init>(RemoteWebDriver.java:131)
    at io.appium.java_client.DefaultGenericMobileDriver.<init>(DefaultGenericMobileDriver.java:37)
    at io.appium.java_client.AppiumDriver.<init>(AppiumDriver.java:88)
    at io.appium.java_client.AppiumDriver.<init>(AppiumDriver.java:98)
    at io.appium.java_client.android.AndroidDriver.<init>(AndroidDriver.java:94)
    at com.quantum.java.pages.Galaxy8Calculator.main(Galaxy8Calculator.java:43)
Caused by: java.lang.reflect.InvocationTargetException
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at io.appium.java_client.remote.AppiumCommandExecutor.createSession(AppiumCommandExecutor.java:186)
    ... 11 more
Caused by: javax.net.ssl.SSLPeerUnverifiedException: Hostname IP_ADDRESS not verified:
    certificate: sha256/qBxa5dCkXQoyg8GE54564120O+oBGYRHFZI8=
    DN: CN=IP_ADDRESS, O=org_name, L=location, ST=state, C=country
    subjectAltNames: [IP_ADDRESS]
    at okhttp3.internal.connection.RealConnection.connectTls(RealConnection.java:350)
    at okhttp3.internal.connection.RealConnection.establishProtocol(RealConnection.java:300)
    at okhttp3.internal.connection.RealConnection.connect(RealConnection.java:185)
    at okhttp3.internal.connection.ExchangeFinder.findConnection(ExchangeFinder.java:224)
    at okhttp3.internal.connection.ExchangeFinder.findHealthyConnection(ExchangeFinder.java:107)
    at okhttp3.internal.connection.ExchangeFinder.find(ExchangeFinder.java:87)
    at okhttp3.internal.connection.Transmitter.newExchange(Transmitter.java:162)
    at okhttp3.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.java:41)
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:117)
    at okhttp3.internal.cache.CacheInterceptor.intercept(CacheInterceptor.java:94)
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:117)
    at okhttp3.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.java:93)
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
    at okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.java:88)
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:117)
    at okhttp3.RealCall.getResponseWithInterceptorChain(RealCall.java:221)
    at okhttp3.RealCall.execute(RealCall.java:81)
    at org.openqa.selenium.remote.internal.OkHttpClient.execute(OkHttpClient.java:57)
    at org.openqa.selenium.remote.ProtocolHandshake.createSession(ProtocolHandshake.java:105)
    ... 16 more 

这是我认为重要的依赖项版本

Appium java-client 7.3.0
Selenium selenium-java 3.141.59

我也曾尝试在建立连接时将 setAcceptInsecureCerts() 功能设置为 true,但无济于事。如果有人对此有任何见解,请告诉我。

这是自签名证书内容

verify OK
Certificate Request:
    Data:
        Version: 0 (0x0)
        Subject: C=C, ST=st, L=loc, O=org, CN=IP_ADDRESS
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (1024 bit)
                Modulus:
                    00:d0:xyz
                Exponent: 65537 (0x10001)
        Attributes:
        Requested Extensions:
            X509v3 Subject Alternative Name:
                DNS:IP_ADDRESS
    Signature Algorithm: sha256WithRSAEncryption
         52:e5:xyz

你能打印出你是如何生成证书的吗?或者打印出它的详细信息。您是否有可能以某种方式将 IP 地址编码为 DNS SAN 值?它们在证书中输入(DNS: 前缀)。

openssl x509 -in a.pem -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:b0:23:11:94:77:2a:a0:8e:76:5a:76:82:c9:ad:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert SHA2 High Assurance Server CA
        Validity
            Not Before: Mar 26 00:00:00 2020 GMT
            Not After : Mar 25 12:00:00 2021 GMT
        Subject: C=US, ST=California, L=San Francisco, O=Twitter, Inc., OU=lon3, CN=api.twitter.com
...
            X509v3 Subject Alternative Name:
                DNS:api.twitter.com