开发者社区> 问答> 正文

suiteaccesstoken报错

调用获取套件访问Token(suite_access_token)报错:
访问接口为:“get_suite_token” 错误 消息为:hostname in certificate didn't match: <oapi.dingtalk.com> != <*.laiwang.com> OR <*.laiwang.com>
具体错误内容:

request url=https://oapi.dingtalk.com/service/get_suite_token, exception, msg=hostname in certificate didn't match: <oapi.dingtalk.com> != <*.laiwang.com> OR <*.laiwang.com>
javax.net.ssl.SSLException: hostname in certificate didn't match: <oapi.dingtalk.com> != <*.laiwang.com> OR <*.laiwang.com>
        at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:231)
        at org.apache.http.conn.ssl.BrowserCompatHostnameVerifier.verify(BrowserCompatHostnameVerifier.java:54)
        at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:152)
        at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:133)
        at org.apache.http.conn.ssl.SSLConnectionSocketFactory.verifyHostname(SSLConnectionSocketFactory.java:291)
        at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:262)
        at org.apache.http.impl.conn.HttpClientConnectionOperator.connect(HttpClientConnectionOperator.java:118)
        at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:314)
        at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:357)
        at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:218)
        at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:194)
        at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:85)
        at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:108)
        at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:186)
        at org.apache.http.impl.client.CloseablXHttpClient.execute(CloseablXHttpClient.java:82)
        at com.alibaba.dingtalk.openapi.demo.utils.HttpHelper.httpPost(HttpHelper.java:93)
        at com.alibaba.dingtalk.openapi.demo.service.ServiceHelper.getSuiteToken(ServiceHelper.java:20)
        at com.lianlian.box.user.web.webservice.impl.DingDingWebServiceImpl.yjsw(DingDingWebServiceImpl.java:154)
        at sun.reflect.GeneratedMethodAccessor89.invoke(Unknown Source)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:606)
        at org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(AbstractInvoker.java:180)
        at org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:96)
        at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:204)
        at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:115)
        at org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:58)
        at org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:94)
        at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:271)
        at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
        at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:238)
        at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:222)
        at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:163)
        at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:137)
        at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:158)
        at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:239)
        at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:159)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
        at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:215)
        at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:808)
        at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:587)
        at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
        at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:595)
        at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:223)
        at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1127)
        at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:515)
        at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)
        at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1061)
        at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
        at org.eclipse.jetty.server.Dispatcher.forward(Dispatcher.java:191)
        at org.eclipse.jetty.server.Dispatcher.forward(Dispatcher.java:72)
        at com.lianlian.box.user.web.session.filter.PathFilter.doFilter(PathFilter.java:40)
        at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)
        at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88)
        at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)
        at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)
        at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:585)
        at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
        at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:577)
        at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:223)
        at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1127)
        at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:515)
        at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)
        at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1061)
        at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
        at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:215)
        at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:110)
        at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97)
        at org.eclipse.jetty.server.Server.handle(Server.java:497)
        at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:310)
        at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:257)
        at org.eclipse.jetty.io.AbstractConnection$2.run(AbstractConnection.java:540)
        at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:635)
        at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:555)
        at java.lang.Thread.run(Thread.java:744)

展开
收起
禾连网络 2016-02-01 15:08:47 9505 0
6 条回答
写回答
取消 提交回答
  • 回 3楼竹梅的帖子
    你好 我也遇到这个问题了 有好的解决方法吗 急等

    -------------------------

    回 楼主禾连网络的帖子
    楼主是怎么解决的

    -------------------------

    Resuiteaccesstoken报错
    奇怪  我把 换成官给的DEMO中的  httpclient-4.3 就可以了
    2016-03-02 22:53:59
    赞同 展开评论 打赏
  • Resuiteaccesstoken报错
    我也遇到了同样的问题。
    在PC上OK的程序,在服务器上就报SSLPeerUnverifiedException
    2016-02-15 15:08:26
    赞同 展开评论 打赏
  • Resuiteaccesstoken报错
    这个问题是怎么解决的??

    -------------------------

    回 3楼竹梅的帖子
    httpclient-4.4报错同样的错

    -------------------------

    Resuiteaccesstoken报错
    原因分析:httpclient对https进行服务器证书ssl校验,某些情况下,URI制定一个ip而不是主机,这种情况下subjectataltname证书必须存在完全匹配URI的ip。从本质上讲该服务的证书不符合HTTPS规范,应联系改服务器建立证书与ip对应的设置。

    解决办法(不推荐):
    //创建TrustManager
            X509TrustManager xtm = new X509TrustManager() {
                public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {}
                public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {}
                public X509Certificate[] getAcceptedIssuers() {
                    return null;
                }
            };
            //HOST验证
            X509HostnameVerifier hostnameVerifier = new X509HostnameVerifier() {
                public boolean verify(String arg0, SSLSession arg1) {
                    return true;
                }
                public void verify(String arg0, SSLSocket arg1) throws IOException {}
                public void verify(String arg0, String[] arg1, String[] arg2) throws SSLException {}
                public void verify(String arg0, X509Certificate arg1) throws SSLException {}
            };
            
    try {
            HttpClient    httpClient=new DefaultHttpClient();
    SSLContext ctx = SSLContext.getInstance("TLS");
             //使用TrustManager来初始化该上下文,TrustManager只是被SSL的Socket所使用
             ctx.init(null, new TrustManager[] { xtm }, null);
             //创建SSLSocketFactory
             SSLSocketFactory socketFactory = new SSLSocketFactory(ctx);
             socketFactory.setHostnameVerifier(hostnameVerifier);
             SSLSocketFactory.getSocketFactory().setHostnameVerifier(hostnameVerifier);
             httpClient.getConnectionManager().getSchemeRegistry().register(new Scheme("https", socketFactory, 443));
    //钉钉获取token
              URI url = new URI("https://oapi.dingtalk.com/sso/gettoken?corpid=dingedXXXXXXXX&corpsecret=XXXXXXXXX");
              HttpGet get = new HttpGet(url);
              HttpResponse response = httpClient.execute(get);
              HttpEntity entity=response.getEntity();
              if(entity!= null){
                  JSONObject jsonObject=JSONObject.parseObject(EntityUtils.toString(entity));
                  System.out.print(jsonObject.get("access_token")  );
              }
    } catch (Exception e) {
    e.printStackTrace();
    }

    -------------------------

    回 7楼略的帖子
    导入的包
    import java.security.KeyManagementException;
    import java.security.NoSuchAlgorithmException;
    import java.security.cert.CertificateException;
    import java.security.cert.X509Certificate;

    import javax.net.ssl.SSLContext;
    import javax.net.ssl.SSLException;
    import javax.net.ssl.SSLSession;
    import javax.net.ssl.SSLSocket;
    import javax.net.ssl.TrustManager;
    import javax.net.ssl.X509TrustManager;

    import org.apache.http.HttpEntity;
    import org.apache.http.HttpResponse;
    import org.apache.http.NameValuePair;
    import org.apache.http.ParseException;
    import org.apache.http.client.ClientProtocolException;
    import org.apache.http.client.HttpClient;
    import org.apache.http.client.entity.UrlEncodedFormEntity;
    import org.apache.http.client.methods.HttpPost;
    import org.apache.http.conn.scheme.Scheme;
    import org.apache.http.conn.ssl.SSLSocketFactory;
    import org.apache.http.conn.ssl.X509HostnameVerifier;
    import org.apache.http.impl.client.DefaultHttpClient;
    import org.apache.http.message.BasicNameValuePair;
    import org.apache.http.util.EntityUtils;
    2016-02-15 15:02:17
    赞同 展开评论 打赏
  • 回 2楼(禾连网络) 的帖子
    再确认下jar包Apache HttpClient library
    2016-02-03 21:30:59
    赞同 展开评论 打赏
  • 回 1楼靖山的帖子
    请问SSL版本较旧是指调用的jar包版本吗?
    2016-02-03 13:30:36
    赞同 展开评论 打赏
  • 你好你的SSL版本较旧,钉钉服务端暂时无法将正确的证书发放到你的服务器,我们会想版本修复这个问题,在此之前请升级你的SSL实现版本
    2016-02-01 15:56:22
    赞同 展开评论 打赏
滑动查看更多
问答地址:
问答排行榜
最热
最新

相关电子书

更多
低代码开发师(初级)实战教程 立即下载
冬季实战营第三期:MySQL数据库进阶实战 立即下载
阿里巴巴DevOps 最佳实践手册 立即下载