最近在调用微信公众平台高级群发接口之一:
https://file.api.weixin.qq.com/cgi-bin/media/uploadvideo?access_token=ACCESS_TOKEN 时,https访问抛出异常:
javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name异常中出现关键字:unrecognized 未被承认的name。
google之,处理办法,代码加入:
//bug fiexd for: javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name
System.setProperty ("jsse.enableSNIExtension", "false");再次调用该接口,抛出新的异常:
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative DNS name matching file.api.weixin.qq.com found.继续处理,代码加入:
URL url = new URL(requestUrl);
httpUrlConn = (HttpsURLConnection)url.openConnection();
httpUrlConn.setSSLSocketFactory(ssf);
//bug fixed for: java.security.cert.CertificateException: No subject alternative DNS name matching
httpUrlConn.setHostnameVerifier(new CustomizedHostnameVerifier());其中CustomizedHostnameVerifier类如下:
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLSession;
/**
* HostnameVerifier
* bug fixed : <http://iteches.com/archives/45015>
* @author will_awoke
* @version 2014-8-15
* @see CustomizedHostnameVerifier
* @since
*/
public class CustomizedHostnameVerifier implements HostnameVerifier
{
@Override
public boolean verify(String arg0, SSLSession arg1)
{
return true;
}
}原因:
and then apply this class to your single SSL connection
HttpsURLConnection connection = (HttpsURLConnection) new URL("
https://url").openConnection();
connection.setHostnameVerifier(new CustomizedHostNameVerifier());
or apply to all SLL connection
HttpsURLConnection.setDefaultHostnameVerifier(new CustomizedHostnameVerifier());
However this method might pose a security risk because basically we don’t verify the hostname anymore. The server may use other website’s certificate and the program will still accept it.
简而言之:
因为微信的这个接口是未认证https不安全的,所有需要代码中需要dont verify。
