工作中的问题积累

2021年9月

java使用HttpURLConnection 去下载资源。

• 有一天突然就出现这个bug了。经过查询是ssl证书问题。 首先下载的资源是 https:// 的资源，但这个资源的ssl证书已经过期，或者是错误的，不授信的。这种情况你看很多网上说去改代码。我就想说这是资源的问题，1.修改成http:// 2.更新证书。代码中可以做一个简单的try catch操作，抛出一个对方需要更新证书的信息就可以了

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
        at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949)
        at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
        at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)
        at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1514)
        at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216)
        at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1026)
        at sun.security.ssl.Handshaker.process_record(Handshaker.java:961)
        at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062)
        at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
        at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
        at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
        at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1546)
        at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1474)
        at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)
        at com.agile.cloud.util.FileUploadUtil.getImageFromNetByUrl(FileUploadUtil.java:620)
        at com.agile.cloud.service.ContractInfoNewServiceImpl.uploadContractUrl(ContractInfoNewServiceImpl.java:2767)
        at com.agile.cloud.service.ContractInfoNewServiceImpl$$FastClassBySpringCGLIB$$f53bf706.invoke(<generated>)

2021年10月

2021年10月21日

上次说因为证书的问题，会报sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to 错误，后来那个客户更新了证书后依然出错，通常正常的链接资源是没问题的。这里copy一份网上的解决方案。

• 新建一个工具类SslUtils

import javax.net.ssl.SSLSession;


import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

public class SslUtils {

    public static void trustAllHttpsCertificates() throws Exception {
        TrustManager[] trustAllCerts = new TrustManager[1];
        TrustManager tm = new miTM();
        trustAllCerts[0] = tm;
        SSLContext sc = SSLContext.getInstance("SSL");
        sc.init(null, trustAllCerts, null);
        HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
    }

    static class miTM implements TrustManager, X509TrustManager {
        @Override
        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }

        public boolean isServerTrusted(X509Certificate[] certs) {
            return true;
        }

        public boolean isClientTrusted(X509Certificate[] certs) {
            return true;
        }

        @Override
        public void checkServerTrusted(X509Certificate[] certs, String authType)
                throws CertificateException {
            return;
        }

        @Override
        public void checkClientTrusted(X509Certificate[] certs, String authType)
                throws CertificateException {
            return;
        }
    }

    /**
     * 忽略HTTPS请求的SSL证书，必须在openConnection之前调用
     *
     * @throws Exception
     */
    public static void ignoreSsl() throws Exception {
        HostnameVerifier hv = new HostnameVerifier() {
            @Override
            public boolean verify(String urlHostName, SSLSession session) {
                return true;
            }
        };
        trustAllHttpsCertificates();
        HttpsURLConnection.setDefaultHostnameVerifier(hv);
    }
}

• 在调用下载之前，调用 SslUtils.ignoreSsl()方法

SslUtils.ignoreSsl();
URL url = new URL(strUrl);  
HttpURLConnection conn = (HttpURLConnection)url.openConnection();  

2021年11月

在cherry-pick的时候出现以下错误提示，是对同一提交重复做cherry-pick引起的。

On branch***

You are currentlycherry-picking.

(all conflicts fixed: run "gitcommit")

nothing to commit,working directory clean

The previouscherry-pick is now empty, possibly due to conflict resolution.

If you wish to commitit anyway, use:

git commit --allow-empty

Otherwise, please use'git reset'

分析：没有冲突输出，提示如果要提交，需要做空提交，说明这次cherry-pick的内容可能已经在这个分支上提交过了。

验证：1、查看这个哈希值所修改的文件 2、查看某个文件的修改log 3、有相同的提交注释