请求https协议的时候,是需要进行SSL验证的。当然,如果这个请求是自己企业已知的或者是被企业已信任的,这个时候,咱们就会为了编程的方便,不需要把请求的根证书以及中间证书导入到JKS中了,让程序在调用HTTP协议的时候对服务器的服务器名和证书名进行对比。说了那么多,应该怎么做呢?
很简单,直接将下面代码段放入到请求类中,即可自动跳过SSL验证。
static {
try {
trustAllHttpsCertificates();
HttpsURLConnection.setDefaultHostnameVerifier
(
(urlHostName, session) -> true
);
} catch (Exception e) {
}
}
private static void trustAllHttpsCertificates()
throws NoSuchAlgorithmException, KeyManagementException {
TrustManager[] trustAllCerts = new TrustManager[1];
trustAllCerts[0] = new TrustAllManager();
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, null);
HttpsURLConnection.setDefaultSSLSocketFactory(
sc.getSocketFactory());
}
private static class TrustAllManager
implements X509TrustManager {
public X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkServerTrusted(X509Certificate[] certs,
String authType) {
}
public void checkClientTrusted(X509Certificate[] certs,
String authType) {
}
}