Recently in the public platform call one of the advanced Mass Interface:
When Https://file.api.weixin.qq.com/cgi-bin/media/uploadvideo?access_token=ACCESS_TOKEN, HTTPS access throws an exception:
Javax.net.ssl.SSLProtocolException:handshake Alert:unrecognized_name
The keyword appears in the exception: unrecognized is not recognized by name.
Google, how to handle, code to add:
Bug Fiexd for:javax.net.ssl.SSLProtocolException:handshake alert:unrecognized_name system.setproperty (" Jsse.enablesniextension "," false ");
Call the interface again to throw a new exception:
Javax.net.ssl.SSLHandshakeException:java.security.cert.CertificateException:No Subject Alternative DNS name Matching file.api.weixin.qq.com found.
Continue processing, add code:
URL url = new URL (requesturl); Httpurlconn = (httpsurlconnection) url.openconnection (); Httpurlconn.setsslsocketfactory (SSF); Bug fixed for:java.security.cert.CertificateException:No Subject Alternative DNS name matching Httpurlconn.sethostnameverifier (New Customizedhostnameverifier ());
where the Customizedhostnameverifier class is as follows:
Import Javax.net.ssl.hostnameverifier;import javax.net.ssl.sslsession;/** * hostnameverifier * bug fixed:
cause:
And then apply the this class to your a single SSL connection
Httpsurlconnection connection = (httpsurlconnection) New URL ("
Https://url "). OpenConnection ();
Connection.sethostnameverifier (New Customizedhostnameverifier ());
or apply to all SLL connection
Httpsurlconnection.setdefaulthostnameverifier (New Customizedhostnameverifier ());
However this method might pose a security risk because basically we don ' t verify the hostname anymore. The server may use other website's certificate and the program would still accept it.
Nutshell:
Because this interface is not authenticated HTTPS is not secure, all need to dont verify in the code.
Reference:
http://iteches.com/archives/45015
http://stackoverflow.com/questions/7615645/ssl-handshake-alert-unrecognized-name-error-since-upgrade-to-java-1-7-0