HttpClient执行https链接证书安全问题
2016-09-21 09:29
375 查看
/** * 获取可信任https链接,以避免不受信任证书出现peer not authenticated异常 * * @param httpClient * @return */ public static DefaultHttpClient wrapClient(HttpClient httpClient) { final X509Certificate[] _AcceptedIssuers = new X509Certificate[] {}; try { SSLContext ctx = SSLContext.getInstance("TLS"); X509TrustManager tm = new X509TrustManager() { @Override public X509Certificate[] getAcceptedIssuers() { return _AcceptedIssuers; } @Override public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { } @Override public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { } }; ctx.init(null, new TrustManager[] { tm }, new SecureRandom()); SSLSocketFactory ssf = new SSLSocketFactory(ctx, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); ClientConnectionManager ccm = httpClient.getConnectionManager(); SchemeRegistry sr = ccm.getSchemeRegistry(); sr.register(new Scheme("https", 443, ssf)); return new DefaultHttpClient(ccm, httpClient.getParams()); } catch (Exception e) { e.printStackTrace(); return null; } }
备注:此方法在java7以下环境执行会报错
也可以在执行url前调用以下方法:
private static void trustAllHttpsCertificates() throws Exception { javax.net.ssl.TrustManager[] trustAllCerts = new javax.net.ssl.TrustManager[1]; javax.net.ssl.TrustManager tm = new miTM(); trustAllCerts[0] = tm; javax.net.ssl.SSLContext sc = javax.net.ssl.SSLContext .getInstance("SSL"); sc.init(null, trustAllCerts, null); javax.net.ssl.HttpsURLConnection.setDefaultSSLSocketFactory(sc .getSocketFactory()); }
static class miTM implements javax.net.ssl.TrustManager, javax.net.ssl.X509TrustManager { public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; } public boolean isServerTrusted( java.security.cert.X509Certificate[] certs) { return true; } public boolean isClientTrusted( java.security.cert.X509Certificate[] certs) { return true; } public void checkServerTrusted( java.security.cert.X509Certificate[] certs, String authType) throws java.security.cert.CertificateException { return; } public void checkClientTrusted( java.security.cert.X509Certificate[] certs, String authType) throws java.security.cert.CertificateException { return; } }
相关文章推荐
- Linux tcpdump命令详解
- http,ftp
- android 学习随笔七(网络:图片及文本传输及线程关系 )
- 【线性规划与网络流24题 24】骑士共存问题
- Windows Caffe 学习笔记(四)搭建自己的网络,训练和测试MNIST手写字体库
- http缓存
- HTTP2特性预览和抓包分析
- iOS 中对 HTTPS 证书链的验证
- 第44篇 WebRTC(七)
- 半同步半异步网络编程
- 【计算机网络:自顶向下方法(原书第6版)】课后习题和问题P27-P34
- 【计算机网络:自顶向下方法(原书第6版)】课后习题和问题P18-P26
- 【计算机网络:自顶向下方法(原书第6版)】课后习题和问题P9-P17
- 【计算机网络:自顶向下方法(原书第6版)】课后习题和问题P1-P8
- 【计算机网络:自顶向下方法(原书第6版)】课后习题和问题P1-P8
- TCP三次握手四次挥手
- 20.HTTP-NG
- 1.4 包交换网络的时延,丢包,吞吐
- 【04】基础:将采集结果转成Excel
- 【05】中级:翻页采集(以微博博主主页采集为例)