java代码如何忽略证书 java代码如何忽略证书编号

java HttpsURLConnection怎么绕过证书,原理是什么

https的证书发放是基于x509的

公司主营业务:成都网站建设、网站设计、移动网站开发等业务。帮助企业客户真正实现互联网宣传,提高企业的竞争能力。创新互联公司是一支青春激扬、勤奋敬业、活力青春激扬、勤奋敬业、活力澎湃、和谐高效的团队。公司秉承以“开放、自由、严谨、自律”为核心的企业文化,感谢他们对我们的高要求,感谢他们从不同领域给我们带来的挑战,让我们激情的团队有机会用头脑与智慧不断的给客户带来惊喜。创新互联公司推出临泽免费做网站回馈大家。

证书可以是自己生成的(叫做自签名证书),可以是CA中心发放的

X509TrustManager产生的就是一个自签名证书。。

因为你配置的tomcat和google

https接受自签名证书,所以才能访问。

java 调用WebService如何跳过安全证书验证的问题

安全认证还能跳过?

不能吧,要不就添加密码

要不就取消webservice上的加密

Java的HttpClient如何去支持无证书访问https

项目里需要访问其他接口,通过http/https协议。我们一般是用HttpClient类来实现具体的http/https协议接口的调用。

// Init a HttpClient

HttpClient client = new HttpClient();

String url=;

// Init a HttpMethod

HttpMethod get = new GetMethod(url);

get.setDoAuthentication(true);

get.getParams().setParameter(HttpMethodParams.RETRY_HANDLER, new DefaultHttpMethodRetryHandler(1, false));

// Call http interface

try {

client.executeMethod(get);

// Handle the response from http interface

InputStream in = get.getResponseBodyAsStream();

SAXReader reader = new SAXReader();

Document doc = reader.read(in);

} finally {

// Release the http connection

get.releaseConnection();

}

以上代码在通过普通的http协议是没有问题的,但如果是https协议的话,就会有证书文件的要求了。一般情况下,是这样去做的。

// Init a HttpClient

HttpClient client = new HttpClient();

String url=;

if (url.startsWith("https:")) {

System.setProperty("javax.net.ssl.trustStore", "/.sis.cer");

System.setProperty("javax.net.ssl.trustStorePassword", "public");

}

于是,这里就需要事先生成一个.sis.cer的文件,生成这个文件的方法一般是先通过浏览器访问https://,导出证书文件,再用JAVA keytool command 生成证书

# $JAVA_HOME/bin/keytool -import -file sis.cer -keystore .sis.cer

但这样做,一比较麻烦,二来证书也有有效期,过了有效期之后,又需要重新生成一次证书。如果能够避开生成证书文件的方式来使用https的话,就比较好了。

还好,在最近的项目里,我们终于找到了方法。

// Init a HttpClient

HttpClient client = new HttpClient();

String url=;

if (url.startsWith("https:")) {

this.supportSSL(url, client);

}

用到了supportSSL(url, client)这个方法,看看这个方法是如何实现的。

private void supportSSL(String url, HttpClient client) {

if(StringUtils.isBlank(url)) {

return;

}

String siteUrl = StringUtils.lowerCase(url);

if (!(siteUrl.startsWith("https"))) {

return;

}

try {

setSSLProtocol(siteUrl, client);

} catch (Exception e) {

logger.error("setProtocol error ", e);

}

Security.setProperty( "ssl.SocketFactory.provider",

"com.tool.util.DummySSLSocketFactory");

}

private static void setSSLProtocol(String strUrl, HttpClient client) throws Exception {

URL url = new URL(strUrl);

String host = url.getHost();

int port = url.getPort();

if (port = 0) {

port = 443;

}

ProtocolSocketFactory factory = new SSLSocketFactory();

Protocol authhttps = new Protocol("https", factory, port);

Protocol.registerProtocol("https", authhttps);

// set https protocol

client.getHostConfiguration().setHost(host, port, authhttps);

}

在supportSSL方法里,调用了Security.setProperty( "ssl.SocketFactory.provider",

"com.tool.util.DummySSLSocketFactory");

那么这个com.tool.util.DummySSLSocketFactory是这样的:

访问https 资源时,让httpclient接受所有ssl证书,在weblogic等容器中很有用

代码如下:

1. import java.io.IOException;

2. import java.net.InetAddress;

3. import java.net.InetSocketAddress;

4. import java.net.Socket;

5. import java.net.SocketAddress;

6. import java.net.UnknownHostException;

7. import java.security.KeyManagementException;

8. import java.security.NoSuchAlgorithmException;

9. import java.security.cert.CertificateException;

10. import java.security.cert.X509Certificate;

11.

12. import javax.net.SocketFactory;

13. import javax.net.ssl.SSLContext;

14. import javax.net.ssl.TrustManager;

15. import javax.net.ssl.X509TrustManager;

16.

17. import org.apache.commons.httpclient.ConnectTimeoutException;

18. import org.apache.commons.httpclient.params.HttpConnectionParams;

19. import org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory;

20.

21. public class MySecureProtocolSocketFactory implements SecureProtocolSocketFactory {

22. static{

23. System.out.println("in MySecureProtocolSocketFactory");

24. }

25. private SSLContext sslcontext = null;

26.

27. private SSLContext createSSLContext() {

28. SSLContext sslcontext=null;

29. try {

30. sslcontext = SSLContext.getInstance("SSL");

31. sslcontext.init(null, new TrustManager[]{new TrustAnyTrustManager()}, new java.security.SecureRandom());

32. } catch (NoSuchAlgorithmException e) {

33. e.printStackTrace();

34. } catch (KeyManagementException e) {

35. e.printStackTrace();

36. }

37. return sslcontext;

38. }

39.

40. private SSLContext getSSLContext() {

41. if (this.sslcontext == null) {

42. this.sslcontext = createSSLContext();

43. }

44. return this.sslcontext;

45. }

46.

47. public Socket createSocket(Socket socket, String host, int port, boolean autoClose)

48. throws IOException, UnknownHostException {

49. return getSSLContext().getSocketFactory().createSocket(

50. socket,

51. host,

52. port,

53. autoClose

54. );

55. }

56.

57. public Socket createSocket(String host, int port) throws IOException,

58. UnknownHostException {

59. return getSSLContext().getSocketFactory().createSocket(

60. host,

61. port

62. );

63. }

64.

65.

66. public Socket createSocket(String host, int port, InetAddress clientHost, int clientPort)

67. throws IOException, UnknownHostException {

68. return getSSLContext().getSocketFactory().createSocket(host, port, clientHost, clientPort);

69. }

70.

71. public Socket createSocket(String host, int port, InetAddress localAddress,

72. int localPort, HttpConnectionParams params) throws IOException,

73. UnknownHostException, ConnectTimeoutException {

74. if (params == null) {

75. throw new IllegalArgumentException("Parameters may not be null");

76. }

77. int timeout = params.getConnectionTimeout();

78. SocketFactory socketfactory = getSSLContext().getSocketFactory();

79. if (timeout == 0) {

80. return socketfactory.createSocket(host, port, localAddress, localPort);

81. } else {

82. Socket socket = socketfactory.createSocket();

83. SocketAddress localaddr = new InetSocketAddress(localAddress, localPort);

84. SocketAddress remoteaddr = new InetSocketAddress(host, port);

85. socket.bind(localaddr);

86. socket.connect(remoteaddr, timeout);

87. return socket;

88. }

89. }

90.

91. //自定义私有类

92. private static class TrustAnyTrustManager implements X509TrustManager {

93.

94. public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {

95. }

96.

97. public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {

98. }

99.

100. public X509Certificate[] getAcceptedIssuers() {

101. return new X509Certificate[]{};

102. }

103. }

104.

105. }

public class MySecureProtocolSocketFactory implements SecureProtocolSocketFactory {

static{

System.out.println("in MySecureProtocolSocketFactory");

}

private SSLContext sslcontext = null;

private SSLContext createSSLContext() {

SSLContext sslcontext=null;

try {

sslcontext = SSLContext.getInstance("SSL");

sslcontext.init(null, new TrustManager[]{new TrustAnyTrustManager()}, new java.security.SecureRandom());

} catch (NoSuchAlgorithmException e) {

e.printStackTrace();

} catch (KeyManagementException e) {

e.printStackTrace();

}

return sslcontext;

}

private SSLContext getSSLContext() {

if (this.sslcontext == null) {

this.sslcontext = createSSLContext();

}

return this.sslcontext;

}

public Socket createSocket(Socket socket, String host, int port, boolean autoClose)

throws IOException, UnknownHostException {

return getSSLContext().getSocketFactory().createSocket(

socket,

host,

port,

autoClose

);

}

public Socket createSocket(String host, int port) throws IOException,

UnknownHostException {

return getSSLContext().getSocketFactory().createSocket(

host,

port

然后按如下方式使用HttpClient

Protocol myhttps = new Protocol("https", new MySecureProtocolSocketFactory (), 443);

Protocol.registerProtocol("https", myhttps);

HttpClient httpclient=new HttpClient();

java HttpsURLConnection怎么绕过证书,原理是什么

最近项目中用到通过HttpURLConnection去连接一个url进行访问操作,但是在实际的部署环境中,web服务器使用了ssl,直接通过HttpURLConnection无法访问,然后通过修改代码,使用HttpsURLConnction,加载证书啊之类的来实现访问。但是问题来了,我部署的应该每次都需要容器的keystore文件、密码。后来看到网上有人有代码可以绕过证书、或者使用common-httpclient来访问(自动加载证书),但是小弟我对这个原理一点不懂,求解!问题补充:如果使用加载keystore文件的话,我每次部署应用都需要知道容器设置的keystore文件,通过网上的代码,我不用关注证书之类的信息,就可以访问https的url。还是迷茫啊 问题补充:谢谢你的回答,脑子中有点概念了,不过还是有点迷糊,还在学习中。你说的自签名证书的意思是不是在与server通信过程中,客户端使用的证书是自己生成的,我们在代码中通过使用X509TrustManager来产生? br / br /div class="quote_title"beneo 写道/divdiv class="quote_div"https的证书发放是基于x509的 br / br /证书可以是自己生成的(叫做自签名证书),可以是CA中心发放的 br / br /X509TrustManager产生的就是一个自签名证书。。 br / br /因为你配置的tomcat和google https接受自签名证书,所以才能访问。/div br / 问题补充:非常谢谢beneo, br /本人javaeye分实在太少,不好意思了。大家多交流交流^_^!!!

解析Java为什么不接受合法的HTTPS证书

在我们使用Java调用远程接口或是抓取数据时经常会发生以下错误:

Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:387)

at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)

at sun.security.validator.Validator.validate(Validator.java:260)

at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)

at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X

idea标红代码改忽略

1、首先打开打开IDEA软件,进入Java代码编辑主界面,在编辑窗口上方,点击其中的“文件”菜单项。

2、其次在下拉子菜单中,点击“设置”选项在弹出的“设置”窗口,选择左侧列表中的“高级设置”栏。

3、最后在右侧“版本控制”栏目下,勾选“高亮显示忽略的文件”复选框即可。


分享文章:java代码如何忽略证书 java代码如何忽略证书编号
分享URL:http://myzitong.com/article/dodghdc.html