极客观点
项目管理
HarmonyOS
- 微信服务号模板消息详情页在安卓手机打开是空白,苹果手机打开没问题
- 网上找资料说是
SSL证书链不完整 - 我使用命令:
keytool -list -v -keystore www.我的域名.club.jks -storepass 4l5ejy794查看证书链,显示结果如下:
密钥库类型: jks
密钥库提供方: SUN
您的密钥库包含 1 个条目
别名: www.xdfznh.club
创建日期: 2019-11-6
条目类型: PrivateKeyEntry
证书链长度: 4
证书[1]:
所有者: CN=www.xdfznh.club
发布者: CN=TrustAsia TLS RSA CA, OU=Domain Validated SSL, O="TrustAsia Technologies, Inc.", C=CN
序列号: 3c2308061c076941782ae727ecc933c
有效期为 Tue Sep 17 08:00:00 CST 2019 至 Wed Sep 16 20:00:00 CST 2020
证书指纹:
MD5: 44:4A:7A:64:B7:49:03:A7:6B:88:97:27:B5:7E:51:A8
SHA1: AA:11:60:67:B3:AB:AF:1A:F7:69:AC:3B:90:C8:63:DD:05:A3:FC:5C
SHA256: 6C:14:A9:27:F8:29:D1:20:DA:18:B2:B7:2C:EF:33:08:1D:20:C9:A3:08:95:41:15:DC:AB:97:79:9F:60:4F:45
签名算法名称: SHA256withRSA
主体公共密钥算法: 2048 位 RSA 密钥
版本: 3
扩展:
#1: ObjectId: 1.3.6.1.4.1.11129.2.4.2 Criticality=false
0000: 04 81 F3 00 F1 00 76 00 BB D9 DF BC 1F 8A 71 B5 ......v.......q.
0010: 93 94 23 97 AA 92 7B 47 38 57 95 0A AB 52 E8 1A ..#....G8W...R..
0020: 90 96 64 36 8E 1E D1 85 00 00 01 6D 3C A1 1B AC ..d6.......m<...
0030: 00 00 04 03 00 47 30 45 02 20 07 BC 87 D4 B3 E9 .....G0E. ......
0040: DC 15 80 19 78 5F 5E FD F9 16 A5 F4 88 1D 51 F3 ....x_^.......Q.
0050: 06 F1 40 BB 7D BB 80 5C E9 B0 02 21 00 81 52 07 ..@....\...!..R.
0060: 27 4F 1E C0 1E 9F 05 66 6F 3E B2 25 16 18 F7 A9 'O.....fo>.%....
0070: 3E DB 51 41 BA 05 82 8C B7 D4 67 42 B8 00 77 00 >.QA......gB..w.
0080: 87 75 BF E7 59 7C F8 8C 43 99 5F BD F3 6E FF 56 .u..Y...C._..n.V
0090: 8D 47 56 36 FF 4A B5 60 C1 B4 EA FF 5E A0 83 0F .GV6.J.`....^...
00A0: 00 00 01 6D 3C A1 1C 18 00 00 04 03 00 48 30 46 ...m<........H0F
00B0: 02 21 00 C9 43 61 A6 A4 C7 CB 17 A5 C5 1C 52 4F .!..Ca........RO
00C0: 3D B3 7F 68 4C F4 0B F1 94 1B 99 F3 E7 52 BA 70 =..hL........R.p
00D0: 8D 3A 29 02 21 00 C1 04 35 C9 2F 04 6C E7 53 9A .:).!...5./.l.S.
00E0: AB DA 1E DC 00 C1 37 9E D0 83 16 24 C6 18 04 38 ......7....$...8
00F0: E2 31 12 29 22 ED .1.)".
#2: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
AuthorityInfoAccess [
[
accessMethod: ocsp
accessLocation: URIName: http://statuse.digitalcertvalidation.com
,
accessMethod: caIssuers
accessLocation: URIName: http://cacerts.digitalcertvalidation.com/TrustAsiaTLSRSACA.crt
]
]
#3: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 7F D3 99 F3 A0 47 0E 31 00 56 56 22 8E B7 CC 9E .....G.1.VV"....
0010: DD CA 01 8A ....
]
]
#4: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:false
PathLen: undefined
]
#5: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [2.16.840.1.114412.1.2]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 1C 68 74 74 70 73 3A 2F 2F 77 77 77 2E 64 69 ..https://www.di
0010: 67 69 63 65 72 74 2E 63 6F 6D 2F 43 50 53 gicert.com/CPS
]] ]
[CertificatePolicyId: [2.23.140.1.2.1]
[] ]
]
#6: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
serverAuth
clientAuth
]
#7: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_Encipherment
]
#8: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
DNSName: www.xdfznh.club
DNSName: xdfznh.club
]
#9: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 1A 9C 79 E6 53 45 24 BA 82 C4 E9 FE A0 85 A4 24 ..y.SE$........$
0010: EC C5 FF 7C ....
]
]
证书[2]:
所有者: CN=TrustAsia TLS RSA CA, OU=Domain Validated SSL, O="TrustAsia Technologies, Inc.", C=CN
发布者: CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
序列号: 580267f06f29553348e1c185a5eee2e
有效期为 Fri Dec 08 20:28:26 CST 2017 至 Wed Dec 08 20:28:26 CST 2027
证书指纹:
MD5: 1D:53:32:66:43:D6:89:C4:9D:C2:95:62:50:FF:52:C0
SHA1: EC:41:91:D1:F3:57:BD:53:94:83:28:6F:A6:7F:D2:19:14:3D:26:11
SHA256: 79:F1:F5:AB:69:7D:EB:F1:95:F5:B7:DA:65:F9:53:99:68:2E:DA:EB:80:11:5B:9D:42:A6:AE:5E:2F:A9:88:02
签名算法名称: SHA256withRSA
主体公共密钥算法: 2048 位 RSA 密钥
版本: 3
扩展:
#1: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
AuthorityInfoAccess [
[
accessMethod: ocsp
accessLocation: URIName: http://ocsp.digicert.com
]
]
#2: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 03 DE 50 35 56 D1 4C BB 66 F0 A3 E2 1B 1B C3 97 ..P5V.L.f.......
0010: B2 3D D1 55 .=.U
]
]
#3: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:0
]
#4: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: http://crl3.digicert.com/DigiCertGlobalRootCA.crl]
]]
#5: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [2.16.840.1.114412.1.2]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 1C 68 74 74 70 73 3A 2F 2F 77 77 77 2E 64 69 ..https://www.di
0010: 67 69 63 65 72 74 2E 63 6F 6D 2F 43 50 53 gicert.com/CPS
]] ]
[CertificatePolicyId: [2.23.140.1.2.1]
[] ]
]
#6: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
serverAuth
clientAuth
]
#7: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]
#8: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 7F D3 99 F3 A0 47 0E 31 00 56 56 22 8E B7 CC 9E .....G.1.VV"....
0010: DD CA 01 8A ....
]
]
证书[3]:
所有者: CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
发布者: CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE
序列号: f5bc3a176cb789e2020c7893c8167b4
有效期为 Wed Dec 07 20:17:34 CST 2016 至 Sat May 10 20:00:00 CST 2025
证书指纹:
MD5: 44:AA:16:4A:E8:FB:6B:59:01:D0:C6:BA:62:E5:48:27
SHA1: FB:20:FA:8A:6A:93:B3:75:F0:54:81:4F:9E:00:27:3E:A5:1A:61:38
SHA256: 6D:AC:BB:89:45:13:7B:1D:AD:42:11:B0:43:6E:FB:E0:6F:12:AC:E3:69:04:97:3B:45:AE:25:74:08:23:D3:69
签名算法名称: SHA256withRSA
主体公共密钥算法: 2048 位 RSA 密钥
版本: 3
扩展:
#1: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
AuthorityInfoAccess [
[
accessMethod: ocsp
accessLocation: URIName: http://ocsp.digicert.com
]
]
#2: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: E5 9D 59 30 82 47 58 CC AC FA 08 54 36 86 7B 3A ..Y0.GX....T6..:
0010: B5 04 4D F0 ..M.
]
]
#3: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:1
]
#4: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: http://crl3.digicert.com/Omniroot2025.crl]
]]
#5: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [2.5.29.32.0]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 1C 68 74 74 70 73 3A 2F 2F 77 77 77 2E 64 69 ..https://www.di
0010: 67 69 63 65 72 74 2E 63 6F 6D 2F 43 50 53 gicert.com/CPS
]] ]
]
#6: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]
#7: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 03 DE 50 35 56 D1 4C BB 66 F0 A3 E2 1B 1B C3 97 ..P5V.L.f.......
0010: B2 3D D1 55 .=.U
]
]
证书[4]:
所有者: CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE
发布者: CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE
序列号: 20000b9
有效期为 Sat May 13 02:46:00 CST 2000 至 Tue May 13 07:59:00 CST 2025
证书指纹:
MD5: AC:B6:94:A5:9C:17:E0:D7:91:52:9B:B1:97:06:A6:E4
SHA1: D4:DE:20:D0:5E:66:FC:53:FE:1A:50:88:2C:78:DB:28:52:CA:E4:74
SHA256: 16:AF:57:A9:F6:76:B0:AB:12:60:95:AA:5E:BA:DE:F2:2A:B3:11:19:D6:44:AC:95:CD:4B:93:DB:F3:F2:6A:EB
签名算法名称: SHA1withRSA
主体公共密钥算法: 2048 位 RSA 密钥
版本: 3
扩展:
#1: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:3
]
#2: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
#3: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: E5 9D 59 30 82 47 58 CC AC FA 08 54 36 86 7B 3A ..Y0.GX....T6..:
0010: B5 04 4D F0 ..M.
]
]
*******************************************
*******************************************
Warning:
JKS 密钥库使用专用格式。建议使用 "keytool -importkeystore -srckeystore www.xdfznh.club.jks -destkeystore www.xdfzn
h.club.jks -deststoretype pkcs12" 迁移到行业标准格式 PKCS12。 - 如果代码看不清楚就看图片:
- 如何鉴别证书链是否完整
可以用这个工具:https://www.sslceshi.com/ssl_...
下面检测结果里“可信颁发机构”显示为“是”,并且“证书链详情”里没有空白项,就说明完整。
P.S. 看了一下你这个域名
www.xdfznh.club证书链没啥问题啊。能给个你说的公众号链接不?三星S9+ 访问正常:
补充回答:
抓包跟踪了一下,发现你的这个页面始终返回的是 404 HTTP 状态码。
微信会认为该状态码是异常的,不会渲染你返回的页面内容。
如果是前后端分离的,建议检查一下 WebServer 配置;如果是不分离的,建议检查一下相关代码,有没有正确返回状态码。