c# https请求忽略证书验证_各种编程语言忽略http的SSL证书认证

Posted 爱分析

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了c# https请求忽略证书验证_各种编程语言忽略http的SSL证书认证相关的知识,希望对你有一定的参考价值。

前言

我们内部测试的http服务器很多时候证书都是没有经过第三方认证的,我们发送http请求基本上都是忽略证书认证。

我总结了一下常用编程语言使用http请求时忽略证书认证的代码片段,记录一下下。

代码

go语言

func httpPost(url, body string) ([]byte, error)

req, err := http.NewRequest(http.MethodPost, urlPre+url, strings.NewReader(body))

if err != nil

return nil, err

req.Header.Add("Content-Type", "application/x-www-form-urlencoded")

client := &http.Client // 忽略证书验证

Transport: &http.Transport

TLSClientConfig: &tls.Config

InsecureSkipVerify: true,

,

,

resp, err := client.Do(req)

if resp != nil

defer resp.Body.Close()

if err != nil

return nil, err

data, err := ioutil.ReadAll(resp.Body)

if err != nil

return nil, err

return data, nil

Python语言

import json

import requests

try:

# verify = False 表示忽略证书

response = requests.post("http://www.baidu.com/",verify = False, headers = header, data = "")

data = json.loads(response.text)

print(data)

except Exception as e:

print('error:', e)

Ruby语言

require 'rest-client'

require 'json'

begin

# :verify_ssl => OpenSSL::SSL::VERIFY_NONE 表示忽略证书

resp = RestClient::Request.execute(method: :post, url: "http://www.baidu.com/", payload: "", headers: headers, :verify_ssl => OpenSSL::SSL::VERIFY_NONE)

data = JSON.parse(resp.body)

puts(data)

rescue => e

puts("#e.class, #e.message")

end

Java语言

package iotp;

import java.io.BufferedReader;

import java.io.IOException;

import java.io.InputStream;

import java.io.InputStreamReader;

import java.io.OutputStream;

import java.net.MalformedURLException;

import java.net.URL;

import java.security.cert.X509Certificate;

import javax.net.ssl.HostnameVerifier;

import javax.net.ssl.HttpsURLConnection;

import javax.net.ssl.SSLContext;

import javax.net.ssl.SSLSession;

import javax.net.ssl.TrustManager;

import javax.net.ssl.X509TrustManager;

public class janbar

public static void main(String[] args)

trustAllHosts(); // 只在开头执行一次即可

String data = httpPost("http://www.baidu.com/", "");

System.out.println(data);

public static String httpPost(String httpUrl, String param)

HttpsURLConnection connection = null;

InputStream is = null;

OutputStream os = null;

BufferedReader br = null;

String result = null;

try

// 通过远程url连接对象打开连接

connection = (HttpsURLConnection) new URL(urlPre + httpUrl).openConnection();

// 忽略证书认证

connection.setHostnameVerifier(DO_NOT_VERIFY);

// 设置连接请求方式

connection.setRequestMethod("POST");

// 设置连接主机服务器超时时间:15000毫秒

connection.setConnectTimeout(15000);

// 设置读取主机服务器返回数据超时时间:60000毫秒

connection.setReadTimeout(60000);

// 默认值为:false,当向远程服务器传送数据/写数据时,需要设置为true

connection.setDoOutput(true);

// 默认值为:true,当前向远程服务读取数据时,设置为true,该参数可有可无

connection.setDoInput(true);

// 设置传入参数的格式:请求参数应该是 name1=value1&name2=value2 的形式。

connection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");

// 通过连接对象获取一个输出流

os = connection.getOutputStream();

// 通过输出流对象将参数写出去/传输出去,它是通过字节数组写出的

os.write(param.getBytes());

// 通过连接对象获取一个输入流,向远程读取

if (connection.getResponseCode() == 200)

is = connection.getInputStream();

// 对输入流对象进行包装:charset根据工作项目组的要求来设置

br = new BufferedReader(new InputStreamReader(is, "UTF-8"));

StringBuffer sbf = new StringBuffer();

String temp = null;

// 循环遍历一行一行读取数据

while ((temp = br.readLine()) != null)

sbf.append(temp);

sbf.append("\\r\\n");

result = sbf.toString();

catch (MalformedURLException e)

e.printStackTrace();

catch (IOException e)

e.printStackTrace();

finally

// 关闭资源

if (null != br)

try

br.close();

catch (IOException e)

e.printStackTrace();

if (null != os)

try

os.close();

catch (IOException e)

e.printStackTrace();

if (null != is)

try

is.close();

catch (IOException e)

e.printStackTrace();

// 断开与远程地址url的连接

connection.disconnect();

return result;

private static void trustAllHosts()

// Create a trust manager that does not validate certificate chains

TrustManager[] trustAllCerts = new TrustManager[] new X509TrustManager()

public java.security.cert.X509Certificate[] getAcceptedIssuers()

return new java.security.cert.X509Certificate[] ;

public void checkClientTrusted(X509Certificate[] chain, String authType)

public void checkServerTrusted(X509Certificate[] chain, String authType)

;

// Install the all-trusting trust manager

try

SSLContext sc = SSLContext.getInstance("TLS");

sc.init(null, trustAllCerts, new java.security.SecureRandom());

HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());

catch (Exception e)

e.printStackTrace();

private final static HostnameVerifier DO_NOT_VERIFY = new HostnameVerifier()

public boolean verify(String hostname, SSLSession session)

return true;

;

php语言

function httpPost($url, $content)

$ch = curl_init();

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); // 跳过证书检查

curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); // 从证书中检查SSL加密算法是否存在

curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

curl_setopt($ch, CURLOPT_URL, $url);

curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type','application/x-www-form-urlencoded'));

curl_setopt($ch, CURLOPT_POST, true);

curl_setopt($ch, CURLOPT_POSTFIELDS, $content);

$response = curl_exec($ch);

if($error=curl_error($ch))

die($error);

curl_close($ch);

return $response;

$data = httpPost("http://www.baidu.com/", "");

$data = json_decode($data, true);

var_dump($data);

C#语言

using System;

using System.Collections.Generic;

using System.Text;

using System.Net;

using System.IO;

namespace SundrayApi

class Program

static void Main(string[] args)

string data = apiPost("http://www.baidu.com/", "");

Console.WriteLine(data);

Console.ReadLine();

static string apiPost(string url, string body)

string content = string.Empty;

try

/* 跳过ssl验证 */

ServicePointManager.ServerCertificateValidationCallback = (sender, certificate, chain, sslPolicyErrors) => true;

HttpWebRequest request = HttpWebRequest.Create(preUrl + url) as HttpWebRequest;

request.Method = "POST";

request.ContentType = "application/x-www-form-urlencoded";

byte[] data = Encoding.UTF8.GetBytes(body);

Stream newStream = request.GetRequestStream();

newStream.Write(data, 0, data.Length);

newStream.Close();

HttpWebResponse response = (HttpWebResponse)request.GetResponse();

Stream stream = response.GetResponseStream();

StreamReader reader = new StreamReader(stream, Encoding.UTF8);

content = reader.ReadToEnd();

reader.Close();

response.Close();

catch (Exception ex)

content = ex.ToString();

return content;

C/C++语言

c语言需要编译一下下,如下流程即可。

wget https://curl.haxx.se/download/curl-7.73.0.tar.gz

./configure

make

gcc test.c -l curl -L /root/c/curl/curl-7.73.0/lib/.libs -I /root/c/curl/curl-7.73.0/include

#include

#include

#include

#include

typedef struct

char *memory;

size_t size;

MemoryStruct;

static size_t WriteMemoryCallback(void *contents, size_t size, size_t nmemb, void *userp)

size_t realsize = size * nmemb;

MemoryStruct *mem = (MemoryStruct *)userp;

char *ptr = realloc(mem->memory, mem->size + realsize + 1);

if(ptr == NULL) /* out of memory! */

printf("not enough memory (realloc returned NULL)\\n");

return 0;

mem->memory = ptr;

memcpy(&(mem->memory[mem->size]), contents, realsize);

mem->size += realsize;

mem->memory[mem->size] = 0;

return realsize;

int httpPost(const char *url, char *data, int size)

int ret = -1;

if(url == NULL || data == NULL)

return ret;

CURL *curl = curl_easy_init();

struct curl_slist* headers;

long retcode = 0;

MemoryStruct chunk;

chunk.size = 0;

chunk.memory = malloc(1);

headers = curl_slist_append(headers, "Content-Type: application/x-www-form-urlencoded");

curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers);

curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0);

curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0);

curl_easy_setopt(curl, CURLOPT_POST, 1);

curl_easy_setopt(curl, CURLOPT_POSTFIELDS, data);

curl_easy_setopt(curl, CURLOPT_URL, url);

curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, WriteMemoryCallback);

curl_easy_setopt(curl, CURLOPT_WRITEDATA, (void *)&chunk);

CURLcode res = curl_easy_perform(curl);

curl_easy_getinfo(curl, CURLINFO_RESPONSE_CODE, &retcode);

if (res == CURLE_OK && retcode == 200)

ret = 0;

if (chunk.size > 0)

if (chunk.size > size)

chunk.size = size - 1; /* 超出限制,不拷贝 */

memcpy(data, chunk.memory, chunk.size);

data[chunk.size] = 0; /* 结束符 */

else

ret = -2;

curl_easy_cleanup(curl);

free(chunk.memory);

return ret;

int main(int argc, char *argv[])

int url_len = 128, data_len = 2048;

char *url = (char *)malloc(sizeof(char) * url_len);

char *data = (char *)malloc(sizeof(char) * data_len);

strcpy(url, "http://www.baidu.com/");

strcpy(data, "");

int ret = httpPost(url, data, data_len);

if (ret != 0)

return ret;

printf("[%s]\\n\\n",data);

return 0;

shell语言

#!/bin/bash

# 使用 -k 参数忽略证书

data=$(curl -s -k "http://www.baidu.com/" -d "")

echo "$data"

总结

把常用编程语言的http忽略证书代码做个笔记,方便以后再来查看。本来想写写lua的,但是lua连socket都得编译个库来搞,还是以后有需求再搞搞吧。

另外再附上

以上是关于c# https请求忽略证书验证_各种编程语言忽略http的SSL证书认证的主要内容,如果未能解决你的问题,请参考以下文章

HttpClient 怎么忽略证书验证访问https

OkHttp使用https,忽略证书验证

Retrofit+OKHttp忽略https证书验证

https 忽略 证书 发送请求

python忽略证书验证urllib2

C# HttpClient 是不是忽略 SSL 证书错误?