waitfor任务如何忽略SSL证书问题? | waitfor任务如何忽略SSL证书问题

本文介绍了waitfor任务如何忽略SSL证书问题?的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

考虑到我的应用程序在本地主机上运行，以下Ant片段在我的本地环境中运行良好:

The Ant snippet below works well in my local environment, considering my app is running on localhost:

<waitfor maxwait="120" maxwaitunit="second" checkevery="1">
    <and>
        <http url="https://localhost:${env.https.port}/${env.context.path}/${url}"/>
    </and>
</waitfor>

但是它在Linux测试服务器上不起作用.即使应用程序在本地主机上运行，它也会等待2分钟.我通过使用Ant回显任务并在服务器上为其运行"curl"，来验证所创建的url是否有效.

But it does not work on a linux test server. It waits 2 minutes even if the application is running on localhost. I verify the created url is valid using an Ant echo task and by running "curl" for it on the server.

运行时在服务器上:

curl https://localhost:8080/live/index.html

我收到认证错误.但是当我运行(忽略证书)时:

I get a certification error. But when I run (ignore certificate):

curl -k https://localhost:8080/live/index.html

效果很好.

我想知道Ant脚本是否也由于认证错误而无法使用，如果是，该如何解决?如果没有，关于Ant脚本的任何建议吗?

I am wondering if the Ant script also does not work because of the certification error, and if so, how can I fix it? If not, any suggestions on the Ant script?

推荐答案

这是一个可能的起点.这执行了curl -k的某些功能，但是是在Ant内部执行的.由于这会禁用证书检查，因此应在安全的环境下谨慎使用！您没有说出您遇到了哪个证书错误，但是如果需要，您可以扩展以下内容.

Here's a possible starting point. This does some of what curl -k does, but from within Ant. As this disables certificate checking it should be used with care in a safe context! You didn't say which certificate error you had, but you can likely extend the below if needed.

<script language="javascript"><![CDATA[

  // Create a trust manager that does not validate certificate chains

  var TrustManagerInterface = Java.type( "javax.net.ssl.X509TrustManager" );
  var X509TrustManager = new TrustManagerInterface() {
    getAcceptedIssuers: function() { return null; },
    checkClientTrusted: function() { },
    checkServerTrusted: function() { },
  };

  var TrustManagerArrayType = Java.type( "javax.net.ssl.TrustManager[]" );
  var trust_manager_array = new TrustManagerArrayType( 1 );
  trust_manager_array[0] = X509TrustManager;

  var SecureRandomType = Java.type( "java.security.SecureRandom" );
  var secure_random = new SecureRandomType;

  var SSLContextType = Java.type( "javax.net.ssl.SSLContext" );
  var ssl_context = SSLContextType.getInstance( "SSL" );

  ssl_context.init( null, trust_manager_array, secure_random );

  var HttpsURLConnectionType = Java.type( "javax.net.ssl.HttpsURLConnection" );
  HttpsURLConnectionType.setDefaultSSLSocketFactory( ssl_context.getSocketFactory( ) );


  // Do not validate certificate hostnames

  var HostnameVerifierType = Java.type( "javax.net.ssl.HostnameVerifier" );
  var host_verifier = new HostnameVerifierType() {
    verify: function() { return true; }
  };
  HttpsURLConnectionType.setDefaultHostnameVerifier( host_verifier );
]]>
</script>


<waitfor maxwait="120" maxwaitunit="second" checkevery="2" checkeveryunit="second">
  <http url="https://wrong.host.badssl.com" />
</waitfor>

我使用 https://badssl.com 进行了上述测试.

I used https://badssl.com to test the above.

顺便说一句，我认为check every的默认单位可能不到一秒，因此建议您添加checkeveryunit.

As an aside, I think the default unit for check every might be sub-second, so recommend you add checkeveryunit.

以上是与Nashorn一起使用的.如果您使用的Java是较旧的版本，则也可以使用Rhino版本.

Above is for use with Nashorn. A Rhino version should also be possible if you have an older version of Java.

以上内容源自此来源.

这篇关于waitfor任务如何忽略SSL证书问题?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！