凌动小生的Blog

  博客园 :: 首页 :: 博问 :: 闪存 :: 新随笔 :: 联系 :: 订阅 订阅 :: 管理 ::

Our Development setups won't have valid or trusted certificates. When do you want test our webserver code over HTTPS, we need to handle these certificates with special code.

The common approach is to import these HTTPS certificates into JDK cacerts or override the trust store:
In Java:

System.setProperty("javax.net.ssl.trustStore","clientTrustStore.key");
System.setProperty("javax.net.ssl.trustStorePassword","qwerty");

 

If you are working with many such systems or test setups in LAN or internet, it is time taking to import these certificates in our trust stores. So we can allow a setting in our code to ignore these certificates with below code snippets.

复制代码
HostnameVerifier hostNameVerifier = new HostnameVerifier()
{
 
    public boolean verify(String s, SSLSession sslSession)
    {
        return true;
    }
};
HttpsURLConnection.setDefaultHostnameVerifier(hostNameVerifier);
 
TrustManager[] trustAllCerts = new TrustManager[]{
        new X509TrustManager()
        {
            public java.security.cert.X509Certificate[] getAcceptedIssuers()
            {
                return null;
            }
 
            public void checkClientTrusted(X509Certificate[] certs, String authType)
            {
            }
 
            public void checkServerTrusted(X509Certificate[] certs, String authType)
            {
            }
        }
};
 
// Install the all-trusting trust manager
try {
    SSLContext sc = SSLContext.getInstance("SSL");
    sc.init(null, trustAllCerts, new java.security.SecureRandom());
    HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
    logger.fine("Socket factory initialized");
    System.out.println("Ignoring server certificates");
} catch (Exception e) {
    logger.log(Level.SEVERE, "Failed initializing socket factory to ignore certificates.", e);
}
复制代码

In Java using Apache Commons HTTP Util: 

 Protocol easyhttps = new Protocol("https", (ProtocolSocketFactory) new EasySSLProtocolSocketFactory(), 443);
        Protocol.registerProtocol("https", easyhttps);

In PHP using PHP CURL: 

//open connection
$ch = curl_init();
curl_setopt($ch,CURLOPT_URL,$url);
 
// ignore certs
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 1);

 

posted on   凌动小生  阅读(328)  评论(0编辑  收藏  举报
努力加载评论中...
点击右上角即可分享
微信分享提示