Java 信任所有SSL证书(解决PKIX path building failed问题)
2015-06-16 19:02
477 查看
http://javaweb.org/?p=1237
Java在请求某些不受信任的https网站时会报:PKIX path building failed
解决办法:
1、导入证书到本地证书库
2、信任所有SSL证书
最好的解决办法或许是信任所有SSL证书,因为某些时候不能每次都手动的导入证书非常麻烦。现在封装了个方法,在连接openConnection的时候忽略掉证书就行了。
SslUtils.java
SslTest.java:
Java在请求某些不受信任的https网站时会报:PKIX path building failed
1、导入证书到本地证书库
2、信任所有SSL证书
最好的解决办法或许是信任所有SSL证书,因为某些时候不能每次都手动的导入证书非常麻烦。现在封装了个方法,在连接openConnection的时候忽略掉证书就行了。
package com.emchat.example.httpclient.utils; import java.security.cert.CertificateException; import java.security.cert.X509Certificate; import javax.net.ssl.HostnameVerifier; import javax.net.ssl.HttpsURLConnection; import javax.net.ssl.SSLContext; import javax.net.ssl.SSLSession; import javax.net.ssl.TrustManager; import javax.net.ssl.X509TrustManager; public class SslUtils {private static void trustAllHttpsCertificates() throws Exception { TrustManager[] trustAllCerts = new TrustManager[1]; TrustManager tm = new miTM(); trustAllCerts[0] = tm; SSLContext sc = SSLContext.getInstance("SSL"); sc.init(null, trustAllCerts, null); HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); } static class miTM implements TrustManager,X509TrustManager { public X509Certificate[] getAcceptedIssuers() { return null; } public boolean isServerTrusted(X509Certificate[] certs) { return true; } public boolean isClientTrusted(X509Certificate[] certs) { return true; } public void checkServerTrusted(X509Certificate[] certs, String authType) throws CertificateException { return; } public void checkClientTrusted(X509Certificate[] certs, String authType) throws CertificateException { return; } } /** * 忽略HTTPS请求的SSL证书,必须在openConnection之前调用 * @throws Exception */ public static void ignoreSsl() throws Exception{ HostnameVerifier hv = new HostnameVerifier() { public boolean verify(String urlHostName, SSLSession session) { System.out.println("Warning: URL Host: " + urlHostName + " vs. " + session.getPeerHost()); return true; } }; trustAllHttpsCertificates(); HttpsURLConnection.setDefaultHostnameVerifier(hv); } }
SslTest.java:
import java.io.OutputStreamWriter; import java.net.URL; import java.net.URLConnection; import org.apache.commons.io.IOUtils; public class SslTest { public String getRequest(String url,int timeOut) throws Exception{ URL u = new URL(url); if("https".equalsIgnoreCase(u.getProtocol())){ SslUtils.ignoreSsl(); } URLConnection conn = u.openConnection(); conn.setConnectTimeout(timeOut); conn.setReadTimeout(timeOut); return IOUtils.toString(conn.getInputStream()); } public String postRequest(String urlAddress,String args,int timeOut) throws Exception{ URL url = new URL(urlAddress); if("https".equalsIgnoreCase(url.getProtocol())){ SslUtils.ignoreSsl(); } URLConnection u = url.openConnection(); u.setDoInput(true); u.setDoOutput(true); u.setConnectTimeout(timeOut); u.setReadTimeout(timeOut); OutputStreamWriter osw = new OutputStreamWriter(u.getOutputStream(), "UTF-8"); osw.write(args); osw.flush(); osw.close(); u.getOutputStream(); return IOUtils.toString(u.getInputStream()); } public static void main(String[] args) { try { SslTest st = new SslTest(); String a = st.getRequest("https://xxx.com/login.action", 3000); System.out.println(a); } catch (Exception e) { e.printStackTrace(); } } }
相关文章推荐
- Selenium2学习-010-WebUI自动化实战实例-008-Selenium 操作下拉列表实例-Select
- ios的手势操作之UIGestureRecognizer
- ios UIDatePicker语言设置
- 156 UIImageView 和 CADisplayLink 实现 Tom 汤姆猫动画效果的区别(扩展知识:分组(黄色文件夹)和文件夹引用(蓝色文件夹)区别)
- UIView
- 统计easyui datagrid某列之和显示在对应列下面
- Android中蓝牙的基本应用--BluetoothAdapter类
- java 兑现固定长度的java.util.Queue
- Android bluetooth 蓝牙开发/蓝牙协议/蓝牙通信
- Index & Statistics ->> Rebuild Index会不会覆盖原先Index的WITH选项设置
- IOS9新增UIStackView
- NGUI在secene中看不到
- Ubiquitous Religions
- Ubiquitous Religions 分类: POJ 2015-06-16 17:13 11人阅读 评论(0) 收藏
- 去掉UItableview headerView黏性
- [转载]UEditor报错TypeError: me.body is undefined
- LeetCode之“动态规划”:Distinct Subsequences
- stl容器区别: vector list deque set map-底层实现
- IOS初级:UIAlertController
- EASYUI 中session 超时跳出Tabs