HttpClient执行https链接证书安全问题
2016-09-21 09:29
375 查看
/**
* 获取可信任https链接,以避免不受信任证书出现peer not authenticated异常
*
* @param httpClient
* @return
*/
public static DefaultHttpClient wrapClient(HttpClient httpClient) {
final X509Certificate[] _AcceptedIssuers = new X509Certificate[] {};
try {
SSLContext ctx = SSLContext.getInstance("TLS");
X509TrustManager tm = new X509TrustManager() {
@Override
public X509Certificate[] getAcceptedIssuers() {
return _AcceptedIssuers;
}
@Override
public void checkServerTrusted(X509Certificate[] chain,
String authType) throws CertificateException {
}
@Override
public void checkClientTrusted(X509Certificate[] chain,
String authType) throws CertificateException {
}
};
ctx.init(null, new TrustManager[] { tm }, new SecureRandom());
SSLSocketFactory ssf = new SSLSocketFactory(ctx, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
ClientConnectionManager ccm = httpClient.getConnectionManager();
SchemeRegistry sr = ccm.getSchemeRegistry();
sr.register(new Scheme("https", 443, ssf));
return new DefaultHttpClient(ccm, httpClient.getParams());
} catch (Exception e) {
e.printStackTrace();
return null;
}
}备注:此方法在java7以下环境执行会报错
也可以在执行url前调用以下方法:
private static void trustAllHttpsCertificates() throws Exception {
javax.net.ssl.TrustManager[] trustAllCerts = new javax.net.ssl.TrustManager[1];
javax.net.ssl.TrustManager tm = new miTM();
trustAllCerts[0] = tm;
javax.net.ssl.SSLContext sc = javax.net.ssl.SSLContext
.getInstance("SSL");
sc.init(null, trustAllCerts, null);
javax.net.ssl.HttpsURLConnection.setDefaultSSLSocketFactory(sc
.getSocketFactory());
}static class miTM implements javax.net.ssl.TrustManager,
javax.net.ssl.X509TrustManager {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
public boolean isServerTrusted(
java.security.cert.X509Certificate[] certs) {
return true;
}
public boolean isClientTrusted(
java.security.cert.X509Certificate[] certs) {
return true;
}
public void checkServerTrusted(
java.security.cert.X509Certificate[] certs, String authType)
throws java.security.cert.CertificateException {
return;
}
public void checkClientTrusted(
java.security.cert.X509Certificate[] certs, String authType)
throws java.security.cert.CertificateException {
return;
}
}
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- Linux tcpdump命令详解
- http,ftp
- android 学习随笔七(网络:图片及文本传输及线程关系 )
- 【线性规划与网络流24题 24】骑士共存问题
- Windows Caffe 学习笔记(四)搭建自己的网络,训练和测试MNIST手写字体库
- http缓存
- HTTP2特性预览和抓包分析
- iOS 中对 HTTPS 证书链的验证
- 第44篇 WebRTC(七)
- 半同步半异步网络编程
- 【计算机网络:自顶向下方法(原书第6版)】课后习题和问题P27-P34
- 【计算机网络:自顶向下方法(原书第6版)】课后习题和问题P18-P26
- 【计算机网络:自顶向下方法(原书第6版)】课后习题和问题P9-P17
- 【计算机网络:自顶向下方法(原书第6版)】课后习题和问题P1-P8
- 【计算机网络:自顶向下方法(原书第6版)】课后习题和问题P1-P8
- TCP三次握手四次挥手
- 20.HTTP-NG
- 1.4 包交换网络的时延,丢包,吞吐
- 【04】基础:将采集结果转成Excel
- 【05】中级:翻页采集(以微博博主主页采集为例)