问题描述
考虑到我的应用程序在本地主机上运行,下面的 Ant 代码段在我的本地环境中运行良好:
The Ant snippet below works well in my local environment, considering my app is running on localhost:
<waitfor maxwait="120" maxwaitunit="second" checkevery="1">
<and>
<http url="https://localhost:${env.https.port}/${env.context.path}/${url}"/>
</and>
</waitfor>
但它在 linux 测试服务器上不起作用.即使应用程序在本地主机上运行,它也会等待 2 分钟.我使用 Ant echo 任务并通过在服务器上为它运行curl"来验证创建的 url 是否有效.
But it does not work on a linux test server. It waits 2 minutes even if the application is running on localhost. I verify the created url is valid using an Ant echo task and by running "curl" for it on the server.
在我运行时在服务器上:
On the server when I run:
curl https://localhost:8080/live/index.html
我收到认证错误.但是当我运行时(忽略证书):
I get a certification error. But when I run (ignore certificate):
curl -k https://localhost:8080/live/index.html
效果很好.
我想知道 Ant 脚本是否也因为认证错误而无法工作,如果是,我该如何解决?如果没有,对 Ant 脚本有什么建议吗?
I am wondering if the Ant script also does not work because of the certification error, and if so, how can I fix it? If not, any suggestions on the Ant script?
推荐答案
这是一个可能的起点.这做了一些 curl -k
所做的事情,但是在 Ant 中.由于这会禁用证书检查,因此应在安全环境中谨慎使用!您没有说明您遇到了哪个证书错误,但如果需要,您可以扩展以下内容.
Here's a possible starting point. This does some of what curl -k
does, but from within Ant. As this disables certificate checking it should be used with care in a safe context! You didn't say which certificate error you had, but you can likely extend the below if needed.
<script language="javascript"><![CDATA[
// Create a trust manager that does not validate certificate chains
var TrustManagerInterface = Java.type( "javax.net.ssl.X509TrustManager" );
var X509TrustManager = new TrustManagerInterface() {
getAcceptedIssuers: function() { return null; },
checkClientTrusted: function() { },
checkServerTrusted: function() { },
};
var TrustManagerArrayType = Java.type( "javax.net.ssl.TrustManager[]" );
var trust_manager_array = new TrustManagerArrayType( 1 );
trust_manager_array[0] = X509TrustManager;
var SecureRandomType = Java.type( "java.security.SecureRandom" );
var secure_random = new SecureRandomType;
var SSLContextType = Java.type( "javax.net.ssl.SSLContext" );
var ssl_context = SSLContextType.getInstance( "SSL" );
ssl_context.init( null, trust_manager_array, secure_random );
var HttpsURLConnectionType = Java.type( "javax.net.ssl.HttpsURLConnection" );
HttpsURLConnectionType.setDefaultSSLSocketFactory( ssl_context.getSocketFactory( ) );
// Do not validate certificate hostnames
var HostnameVerifierType = Java.type( "javax.net.ssl.HostnameVerifier" );
var host_verifier = new HostnameVerifierType() {
verify: function() { return true; }
};
HttpsURLConnectionType.setDefaultHostnameVerifier( host_verifier );
]]>
</script>
<waitfor maxwait="120" maxwaitunit="second" checkevery="2" checkeveryunit="second">
<http url="https://wrong.host.badssl.com" />
</waitfor>
我使用 https://badssl.com 来测试上述内容.
I used https://badssl.com to test the above.
顺便说一句,我认为 check every
的默认单位可能是亚秒级,因此建议您添加 checkeveryunit
.
As an aside, I think the default unit for check every
might be sub-second, so recommend you add checkeveryunit
.
以上适用于 Nashorn.如果您有旧版本的 Java,也应该可以使用 Rhino 版本.
Above is for use with Nashorn. A Rhino version should also be possible if you have an older version of Java.
以上来自这个来源.
这篇关于等待任务如何忽略 SSL 证书问题?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!