java连接https时禁用证书验证.

import java.io.File;
import java.security.cert.CertificateException;
import java.util.List;
import java.util.Map; import javax.net.ssl.SSLContext; import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
import org.apache.http.conn.ssl.TrustStrategy;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.ssl.SSLContexts;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
import org.springframework.security.core.annotation.AuthenticationPrincipal;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.client.RestTemplate; public String test_getssoinfo() throws Exception { TrustStrategy acceptingTrustStrategy = new TrustStrategy() { @Override
public boolean isTrusted(java.security.cert.X509Certificate[] chain,
String authType) throws CertificateException {
System.out.println("in isTrusted" );
// TODO 完成方法实现
return true;
}
} ; SSLContext sslContext = org.apache.http.ssl.SSLContexts.custom()
.loadTrustMaterial(null, acceptingTrustStrategy)
.build(); SSLConnectionSocketFactory csf = new SSLConnectionSocketFactory(sslContext); CloseableHttpClient httpClient = HttpClients.custom()
.setSSLSocketFactory(csf)
.build(); HttpComponentsClientHttpRequestFactory requestFactory =
new HttpComponentsClientHttpRequestFactory(); requestFactory.setHttpClient(httpClient); RestTemplate restTemplate = new RestTemplate(requestFactory);
// RestTemplate restTemplate = new RestTemplate();
String userJsonStr = restTemplate.getForObject("https://www.xxx.yy/", String.class);
return userJsonStr;
}

okhttp:

X509TrustManager trustManager = new X509TrustManager()
{
@Override
public void checkClientTrusted(java.security.cert.X509Certificate[] arg0, String arg1) throws java.security.cert.CertificateException
{
}
@Override
public void checkServerTrusted(java.security.cert.X509Certificate[] arg0, String arg1) throws java.security.cert.CertificateException
{
}
@Override
public java.security.cert.X509Certificate[] getAcceptedIssuers()
{
StrUtil.log("getAcceptedIssuers()");
return new X509Certificate[0];
}
}; SSLContext sslContext = SSLContext.getInstance("SSL");
sslContext.init(null, new X509TrustManager[] { trustManager }, new java.security.SecureRandom());
SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory(); builder.sslSocketFactory(sslSocketFactory, trustManager).hostnameVerifier(new HostnameVerifier()
{
@Override
public boolean verify(String hostname, SSLSession session)
{
StrUtil.log("verify() hostname:" + hostname + ", session:" + (session != null ? session.toString() : "null"));
return true;
}
});
上一篇:java实现https请求


下一篇:PostgreSQL JSON 处理