justauth/JustAuth

bug:javax.net.ssl.SSLHandshakeException: No subject alternative DNS name matching open.feishu.cn found.

kiwimg opened this issue · 4 comments

kiwimg commented

为更快的帮您定位问题,推荐您用以下模板反馈问题:

  1. 出现问题时,您做了哪些操作?

检查配置,流程都没有问题,app_access_token获取正确 参数也传递正确

使用的是 1.16.5 版本
2. 在哪个步骤出现了问题?

调用户https://open.feishu.cn/open-apis/authen/v1/user_info 接口

  1. 您希望得到什么结果?

是不是bug

  1. 您实际得到什么结果?

希望得到怎么解决

  1. 请附上您出现问题的整屏截图或者整个异常堆栈信息
    Caused by: javax.net.ssl.SSLHandshakeException: No subject alternative DNS name matching open.feishu.cn found. at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:128) at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:321) at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:264) at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:259) at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(CertificateMessage.java:642) at java.base/sun.security.ssl.CertificateStatus$CertificateStatusConsumer.consume(CertificateStatus.java:292) at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392) at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:444) at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1065) at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1052) at java.base/java.security.AccessController.doPrivileged(Native Method) at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask.run(SSLEngineImpl.java:999) at java.base/java.util.ArrayList.forEach(ArrayList.java:1540) at java.net.http/jdk.internal.net.http.common.SSLFlowDelegate.lambda$executeTasks$3(SSLFlowDelegate.java:1059) at java.net.http/jdk.internal.net.http.HttpClientImpl$DelegatingExecutor.execute(HttpClientImpl.java:153) at java.net.http/jdk.internal.net.http.common.SSLFlowDelegate.executeTasks(SSLFlowDelegate.java:1054) at java.net.http/jdk.internal.net.http.common.SSLFlowDelegate.doHandshake(SSLFlowDelegate.java:1020) at java.net.http/jdk.internal.net.http.common.SSLFlowDelegate$Reader.processData(SSLFlowDelegate.java:437) at java.net.http/jdk.internal.net.http.common.SSLFlowDelegate$Reader$ReaderDownstreamPusher.run(SSLFlowDelegate.java:263) at java.net.http/jdk.internal.net.http.common.SequentialScheduler$SynchronizedRestartableTask.run(SequentialScheduler.java:175) at java.net.http/jdk.internal.net.http.common.SequentialScheduler$CompleteRestartableTask.run(SequentialScheduler.java:147) at java.net.http/jdk.internal.net.http.common.SequentialScheduler$TryEndDeferredCompleter.complete(SequentialScheduler.java:315) at java.net.http/jdk.internal.net.http.common.SequentialScheduler$CompleteRestartableTask.run(SequentialScheduler.java:149) at java.net.http/jdk.internal.net.http.common.SequentialScheduler$SchedulableTask.run(SequentialScheduler.java:198) at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) ... 1 more Caused by: java.security.cert.CertificateException: No subject alternative DNS name matching open.feishu.cn found. at java.base/sun.security.util.HostnameChecker.matchDNS(HostnameChecker.java:207) at java.base/sun.security.util.HostnameChecker.match(HostnameChecker.java:98) at java.base/sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:459) at java.base/sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:434) at java.base/sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:291) at java.base/sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:141) at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(CertificateMessage.java:620) ... 22 more
kiwimg commented

飞书大家都可以正常使用吗?

cheng521521 commented

我刚刚实验了一下,可以正常使用。你的JDK是哪个版本,发请求的时候用的是什么Http实现?

kiwimg commented

JDK 11,java.net.http/jdk.internal.net.http.HttpClientImpl

cheng521521 commented

可以看看你的回调接口是怎么写的吗。因为我用jdk11 ,java.net.http/jdk.internal.net.http.HttpClientImpl。获取用户信息没问题。既然access_token可以获取到,我感觉和ssl没关系。因为获取token的接口也是https的https://open.feishu.cn/open-apis/authen/v1/access_token