问题描述
如何忽略
- How to ignore SSL certificate errors in Apache HttpClient 4.0
- How to handle invalid SSL certificates with Apache HttpClient?
- Need to trust all the certificates during the development using Spring
- Ignore SSL Certificate Errors with Java
编辑:
- 仅用于测试目的。孩子们,不要在家里(或在制作中)尝试。
推荐答案
下面的代码适用于信任自签名证书。您必须使用创建客户端时:
The code below works for trusting self-signed certificates. You have to use the TrustSelfSignedStrategy when creating your client:
SSLContextBuilder builder = new SSLContextBuilder();
builder.loadTrustMaterial(null, new TrustSelfSignedStrategy());
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(
builder.build());
CloseableHttpClient httpclient = HttpClients.custom().setSSLSocketFactory(
sslsf).build();
HttpGet httpGet = new HttpGet("https://some-server");
CloseableHttpResponse response = httpclient.execute(httpGet);
try {
System.out.println(response.getStatusLine());
HttpEntity entity = response.getEntity();
EntityUtils.consume(entity);
}
finally {
response.close();
}
我没有包含 SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER
故意:重点是允许使用自签名证书进行测试,这样您就不必从证书颁发机构获得适当的证书。您可以使用正确的主机名轻松创建自签名证书,这样做而不是添加 SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER
标志。
I did not include the SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER
on purpose: The point was to allow testing with self signed certificates so you don't have to acquire a proper certificate from a certification authority. You can easily create a self-signed certificate with the correct host name, so do that instead of adding the SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER
flag.
这篇关于忽略Apache HttpClient 4.3中的SSL证书的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!