前言
基于https的访问很多情况下是需要证书认证。
解决办法不外乎几个。
- 忽略SSL证书
- 导入ssl证书
第一种的话可以用下面这行代码
以下这行代码是全局性的,表示当前程序所有请求都不会验证SSL的可靠性,慎用。
另外使用OKHTTP的话,在构建的时候,对SSLSocketFactory
和HostnameVerifier
设置相同的属性即可。
// 全局关闭SSL认证
DisableSSLCertificateCheckUtil.disableChecks();
工具类 DisableSSLCertificateCheckUtil.java
package com.ygsoft.hzc.tool;
import javax.net.ssl.*;
import java.io.IOException;
import java.net.URL;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
public final class DisableSSLCertificateCheckUtil {
/**
* Prevent instantiation of utility class.
*/
private DisableSSLCertificateCheckUtil() {
}
/**
* Disable trust checks for SSL connections.
*/
public static void disableChecks() {
try {
new URL("https://0.0.0.0/").getContent();
} catch (IOException e) {
// This invocation will always fail, but it will register the
// default SSL provider to the URL class.
}
try {
SSLContext sslc;
sslc = SSLContext.getInstance("TLS");
TrustManager[] trustManagerArray = {new X509TrustManager() {
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];