java连接https时禁用证书验证.
import java.io.File; import java.security.cert.CertificateException; import java.util.List; import java.util.Map; import javax.net.ssl.SSLContext; import org.apache.http.conn.ssl.SSLConnectionSocketFactory; import org.apache.http.conn.ssl.TrustSelfSignedStrategy; import org.apache.http.conn.ssl.TrustStrategy; import org.apache.http.impl.client.CloseableHttpClient; import org.apache.http.impl.client.HttpClients; import org.apache.http.ssl.SSLContexts; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.client.HttpComponentsClientHttpRequestFactory; import org.springframework.security.core.annotation.AuthenticationPrincipal; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.client.RestTemplate; public String test_getssoinfo() throws Exception { TrustStrategy acceptingTrustStrategy = new TrustStrategy() { @Override public boolean isTrusted(java.security.cert.X509Certificate[] chain, String authType) throws CertificateException { System.out.println("in isTrusted" ); // TODO 完成方法实现 return true; } } ; SSLContext sslContext = org.apache.http.ssl.SSLContexts.custom() .loadTrustMaterial(null, acceptingTrustStrategy) .build(); SSLConnectionSocketFactory csf = new SSLConnectionSocketFactory(sslContext); CloseableHttpClient httpClient = HttpClients.custom() .setSSLSocketFactory(csf) .build(); HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(); requestFactory.setHttpClient(httpClient); RestTemplate restTemplate = new RestTemplate(requestFactory); // RestTemplate restTemplate = new RestTemplate(); String userJsonStr = restTemplate.getForObject("https://www.xxx.yy/", String.class); return userJsonStr; }
okhttp:
X509TrustManager trustManager = new X509TrustManager() { @Override public void checkClientTrusted(java.security.cert.X509Certificate[] arg0, String arg1) throws java.security.cert.CertificateException { } @Override public void checkServerTrusted(java.security.cert.X509Certificate[] arg0, String arg1) throws java.security.cert.CertificateException { } @Override public java.security.cert.X509Certificate[] getAcceptedIssuers() { StrUtil.log("getAcceptedIssuers()"); return new X509Certificate[0]; } }; SSLContext sslContext = SSLContext.getInstance("SSL"); sslContext.init(null, new X509TrustManager[] { trustManager }, new java.security.SecureRandom()); SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory(); builder.sslSocketFactory(sslSocketFactory, trustManager).hostnameVerifier(new HostnameVerifier() { @Override public boolean verify(String hostname, SSLSession session) { StrUtil.log("verify() hostname:" + hostname + ", session:" + (session != null ? session.toString() : "null")); return true; } });