java连接https时禁用证书验证.

2023-03-08 07:32:29

import java.io.File;

import java.security.cert.CertificateException;

import java.util.List;

import java.util.Map;

import javax.net.ssl.SSLContext;

import org.apache.http.conn.ssl.SSLConnectionSocketFactory;

import org.apache.http.conn.ssl.TrustSelfSignedStrategy;

import org.apache.http.conn.ssl.TrustStrategy;

import org.apache.http.impl.client.CloseableHttpClient;

import org.apache.http.impl.client.HttpClients;

import org.apache.http.ssl.SSLContexts;

import org.springframework.beans.factory.annotation.Autowired;

import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;

import org.springframework.security.core.annotation.AuthenticationPrincipal;

import org.springframework.stereotype.Controller;

import org.springframework.web.bind.annotation.RequestMapping;

import org.springframework.web.bind.annotation.RequestMethod;

import org.springframework.web.bind.annotation.ResponseBody;

import org.springframework.web.client.RestTemplate;

    public String test_getssoinfo() throws Exception {

        TrustStrategy acceptingTrustStrategy = new TrustStrategy() {

            @Override

            public boolean isTrusted(java.security.cert.X509Certificate[] chain,

                    String authType) throws CertificateException {

                System.out.println("in isTrusted" );

                // TODO 完成方法实现

                return true;

            }

        } ;

        SSLContext sslContext = org.apache.http.ssl.SSLContexts.custom()

                .loadTrustMaterial(null, acceptingTrustStrategy)

                .build();

        SSLConnectionSocketFactory csf = new SSLConnectionSocketFactory(sslContext);

        CloseableHttpClient httpClient = HttpClients.custom()

                .setSSLSocketFactory(csf)

                .build();

        HttpComponentsClientHttpRequestFactory requestFactory =

                new HttpComponentsClientHttpRequestFactory();

        requestFactory.setHttpClient(httpClient);

        RestTemplate restTemplate = new RestTemplate(requestFactory);

//        RestTemplate restTemplate = new RestTemplate();

        String userJsonStr = restTemplate.getForObject("https://www.xxx.yy/", String.class);

        return userJsonStr;

    }

okhttp:

X509TrustManager trustManager = new X509TrustManager()

            {

                @Override

                public void checkClientTrusted(java.security.cert.X509Certificate[] arg0, String arg1) throws java.security.cert.CertificateException

                {

                }

                @Override

                public void checkServerTrusted(java.security.cert.X509Certificate[] arg0, String arg1) throws java.security.cert.CertificateException

                {

                }

                @Override

                public java.security.cert.X509Certificate[] getAcceptedIssuers()

                {

                    StrUtil.log("getAcceptedIssuers()");

                    return new X509Certificate[0];

                }

            };

            SSLContext sslContext = SSLContext.getInstance("SSL");

            sslContext.init(null, new X509TrustManager[] { trustManager }, new java.security.SecureRandom());

            SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();

            builder.sslSocketFactory(sslSocketFactory, trustManager).hostnameVerifier(new HostnameVerifier()

            {

                @Override

                public boolean verify(String hostname, SSLSession session)

                {

                    StrUtil.log("verify() hostname:" + hostname + ", session:" + (session != null ? session.toString() : "null"));

                    return true;

                }

            });

码农公寓

相关文章