java连接https时禁用证书验证.

Posted 2020-10-03 zhao1949

tags:

篇首语：本文由小常识网(cha138.com)小编为大家整理，主要介绍了java连接https时禁用证书验证.相关的知识，希望对你有一定的参考价值。

import java.io.File;
import java.security.cert.CertificateException;
import java.util.List;
import java.util.Map;

import javax.net.ssl.SSLContext;

import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
import org.apache.http.conn.ssl.TrustStrategy;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.ssl.SSLContexts;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
import org.springframework.security.core.annotation.AuthenticationPrincipal;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.client.RestTemplate;

    public String test_getssoinfo() throws Exception {
        
        TrustStrategy acceptingTrustStrategy = new TrustStrategy() {

            @Override
            public boolean isTrusted(java.security.cert.X509Certificate[] chain,
                    String authType) throws CertificateException {
                System.out.println("in isTrusted" );
                // TODO 完成方法实现
                return true;
            }
        } ;

        SSLContext sslContext = org.apache.http.ssl.SSLContexts.custom()
                .loadTrustMaterial(null, acceptingTrustStrategy)
                .build();

        SSLConnectionSocketFactory csf = new SSLConnectionSocketFactory(sslContext);

        CloseableHttpClient httpClient = HttpClients.custom()
                .setSSLSocketFactory(csf)
                .build();

        HttpComponentsClientHttpRequestFactory requestFactory =
                new HttpComponentsClientHttpRequestFactory();

        requestFactory.setHttpClient(httpClient);
        
        RestTemplate restTemplate = new RestTemplate(requestFactory);
//        RestTemplate restTemplate = new RestTemplate();
        String userJsonStr = restTemplate.getForObject("https://www.xxx.yy/", String.class);
        return userJsonStr;
    }

okhttp:

X509TrustManager trustManager = new X509TrustManager()
            {
                @Override
                public void checkClientTrusted(java.security.cert.X509Certificate[] arg0, String arg1) throws java.security.cert.CertificateException
                {
                }
                @Override
                public void checkServerTrusted(java.security.cert.X509Certificate[] arg0, String arg1) throws java.security.cert.CertificateException
                {
                }
                @Override
                public java.security.cert.X509Certificate[] getAcceptedIssuers()
                {
                    StrUtil.log("getAcceptedIssuers()");
                    return new X509Certificate[0];
                }
            };

            SSLContext sslContext = SSLContext.getInstance("SSL");
            sslContext.init(null, new X509TrustManager[] { trustManager }, new java.security.SecureRandom());
            SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();
            
            builder.sslSocketFactory(sslSocketFactory, trustManager).hostnameVerifier(new HostnameVerifier()
            {
                @Override
                public boolean verify(String hostname, SSLSession session)
                {
                    StrUtil.log("verify() hostname:" + hostname + ", session:" + (session != null ? session.toString() : "null"));
                    return true;
                }
            });

以上是关于java连接https时禁用证书验证.的主要内容，如果未能解决你的问题，请参考以下文章

SSL 证书 - 在 axios 中禁用验证并做出反应

是否有用于禁用证书验证的 java 设置？ [复制]

c# https请求忽略证书验证_各种编程语言忽略http的SSL证书认证

如何禁用 cURL SSL 证书验证 [重复]

Java访问HTTPS时证书验证问题

在java中怎么验证ssl证书的有效性