本文介绍了忽略Apache HttpClient 4.3中的SSL证书的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

如何忽略




    • How to ignore SSL certificate errors in Apache HttpClient 4.0
    • How to handle invalid SSL certificates with Apache HttpClient?
    • Need to trust all the certificates during the development using Spring
    • Ignore SSL Certificate Errors with Java

    编辑:


    • 仅用于测试目的。孩子们,不要在家里(或在制作中)尝试。

    推荐答案

    下面的代码适用于信任自签名证书。您必须使用创建客户端时:

    The code below works for trusting self-signed certificates. You have to use the TrustSelfSignedStrategy when creating your client:

        SSLContextBuilder builder = new SSLContextBuilder();
        builder.loadTrustMaterial(null, new TrustSelfSignedStrategy());
        SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(
                builder.build());
        CloseableHttpClient httpclient = HttpClients.custom().setSSLSocketFactory(
                sslsf).build();
    
        HttpGet httpGet = new HttpGet("https://some-server");
        CloseableHttpResponse response = httpclient.execute(httpGet);
        try {
            System.out.println(response.getStatusLine());
            HttpEntity entity = response.getEntity();
            EntityUtils.consume(entity);
        }
        finally {
            response.close();
        }
    

    我没有包含 SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER 故意:重点是允许使用自签名证书进行测试,这样您就不必从证书颁发机构获得适当的证书。您可以使用正确的主机名轻松创建自签名证书,这样做而不是添加 SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER 标志。

    I did not include the SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER on purpose: The point was to allow testing with self signed certificates so you don't have to acquire a proper certificate from a certification authority. You can easily create a self-signed certificate with the correct host name, so do that instead of adding the SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER flag.

    这篇关于忽略Apache HttpClient 4.3中的SSL证书的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

    07-17 11:51
    查看更多