httpclient 4 忽略ssl证书

import org.apache.http.HttpResponse;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.ResponseHandler;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.config.Registry;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.conn.socket.ConnectionSocketFactory;
import org.apache.http.conn.socket.PlainConnectionSocketFactory;
import org.apache.http.conn.ssl.DefaultHostnameVerifier;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import org.apache.http.ssl.SSLContexts;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.ssl.TrustStrategy;
import org.apache.http.util.EntityUtils;

import javax.net.ssl.SSLContext;
import java.io.IOException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

/**
 * Created by chenganshi on 16/9/17.
 */
public class Test2 {

    public static void main(String[] args) throws Exception {
        /*CloseableHttpClient httpClient = HttpClients.custom()
                .setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE)
                .build();
        httpClient.execute(new HttpGet("https://kyfw.12306.cn/otn/regist/init"));*/
        main2();
    }

    public static void main2() throws Exception {
        SSLContext sslContext = SSLContexts.custom()
                .loadTrustMaterial(new TrustStrategy() {
                    @Override
                    public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                        return true;
                    }
                })
                .build();
        SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(
                sslContext,
                NoopHostnameVerifier.INSTANCE);
        /*SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(
                sslContext,
                new DefaultHostnameVerifier());*/
        /*SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(
                sslContext);*/
        PlainConnectionSocketFactory plainConnectionSocketFactory = new PlainConnectionSocketFactory();
        Registry<ConnectionSocketFactory> registry = RegistryBuilder.<ConnectionSocketFactory>create()
                .register("https", sslsf)
                .register("http", plainConnectionSocketFactory)
                .build();
        PoolingHttpClientConnectionManager connectionManager = new PoolingHttpClientConnectionManager(registry);
        CloseableHttpClient httpClient = HttpClients.custom()
                .setConnectionManager(connectionManager)
                .build();
        ResponseHandler<String> handler = new ResponseHandler<String>() {
            @Override
            public String handleResponse(HttpResponse response) throws ClientProtocolException, IOException {
                return EntityUtils.toString(response.getEntity(), "UTF-8");
            }
        };
        String baidu = httpClient.execute(new HttpGet("http://www.baidu.com"), handler);
        System.out.println("baidu[" + baidu + "]");
        String ticket = httpClient.execute(new HttpGet("https://kyfw.12306.cn/otn/regist/init"), handler);
        //报错，证书和域名不匹配！Exception in thread "main" javax.net.ssl.SSLPeerUnverifiedException: Host name '211.162.177.45' does not match the certificate subject provided by the peer (CN=kyfw.12306.cn, OU=铁路客户服务中心, O=Sinorail Certification Authority, C=CN)
        //String ticket = httpClient.execute(new HttpGet("https://211.162.177.45/otn/regist/init"), handler);
        System.out.println("ticket[" + ticket + "]");

        String gitosc = httpClient.execute(new HttpGet("https://git.oschina.net/"), handler);
        System.out.println("--------");
        System.out.println(gitosc);
    }

}

转载于:https://my.oschina.net/cashi/blog/747764