c# https请求忽略证书验证_各种编程语言忽略http的SSL证书认证

最新推荐文章于 2024-04-25 11:06:11 发布
最新推荐文章于 2024-04-25 11:06:11 发布
阅读量1.8k 收藏
点赞数 1
文章标签: c# https请求忽略证书验证
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/weixin_30923011/article/details/113559051
版权

前言

我们内部测试的http服务器很多时候证书都是没有经过第三方认证的,我们发送http请求基本上都是忽略证书认证。

我总结了一下常用编程语言使用http请求时忽略证书认证的代码片段,记录一下下。

代码

go语言

func httpPost(url, body string) ([]byte, error) {

req, err := http.NewRequest(http.MethodPost, urlPre+url, strings.NewReader(body))

if err != nil {

return nil, err

}

req.Header.Add("Content-Type", "application/x-www-form-urlencoded")

client := &http.Client{ // 忽略证书验证

Transport: &http.Transport{

TLSClientConfig: &tls.Config{

InsecureSkipVerify: true,

},

},

}

resp, err := client.Do(req)

if resp != nil {

defer resp.Body.Close()

}

if err != nil {

return nil, err

}

data, err := ioutil.ReadAll(resp.Body)

if err != nil {

return nil, err

}

return data, nil

}

Python语言

import json

import requests

try:

# verify = False 表示忽略证书

response = requests.post("http://www.baidu.com/",verify = False, headers = header, data = "")

data = json.loads(response.text)

print(data)

except Exception as e:

print('error:', e)

Ruby语言

require 'rest-client'

require 'json'

begin

# :verify_ssl => OpenSSL::SSL::VERIFY_NONE 表示忽略证书

resp = RestClient::Request.execute(method: :post, url: "http://www.baidu.com/", payload: "", headers: headers, :verify_ssl => OpenSSL::SSL::VERIFY_NONE)

data = JSON.parse(resp.body)

puts(data)

rescue => e

puts("#{e.class}, #{e.message}")

end

Java语言

package iotp;

import java.io.BufferedReader;

import java.io.IOException;

import java.io.InputStream;

import java.io.InputStreamReader;

import java.io.OutputStream;

import java.net.MalformedURLException;

import java.net.URL;

import java.security.cert.X509Certificate;

import javax.net.ssl.HostnameVerifier;

import javax.net.ssl.HttpsURLConnection;

import javax.net.ssl.SSLContext;

import javax.net.ssl.SSLSession;

import javax.net.ssl.TrustManager;

import javax.net.ssl.X509TrustManager;

public class janbar {

public static void main(String[] args) {

trustAllHosts(); // 只在开头执行一次即可

String data = httpPost("http://www.baidu.com/", "");

System.out.println(data);

}

public static String httpPost(String httpUrl, String param) {

HttpsURLConnection connection = null;

InputStream is = null;

OutputStream os = null;

BufferedReader br = null;

String result = null;

try {

// 通过远程url连接对象打开连接

connection = (HttpsURLConnection) new URL(urlPre + httpUrl).openConnection();

// 忽略证书认证

connection.setHostnameVerifier(DO_NOT_VERIFY);

// 设置连接请求方式

connection.setRequestMethod("POST");

// 设置连接主机服务器超时时间:15000毫秒

connection.setConnectTimeout(15000);

// 设置读取主机服务器返回数据超时时间:60000毫秒

connection.setReadTimeout(60000);

// 默认值为:false,当向远程服务器传送数据/写数据时,需要设置为true

connection.setDoOutput(true);

// 默认值为:true,当前向远程服务读取数据时,设置为true,该参数可有可无

connection.setDoInput(true);

// 设置传入参数的格式:请求参数应该是 name1=value1&name2=value2 的形式。

connection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");

// 通过连接对象获取一个输出流

os = connection.getOutputStream();

// 通过输出流对象将参数写出去/传输出去,它是通过字节数组写出的

os.write(param.getBytes());

// 通过连接对象获取一个输入流,向远程读取

if (connection.getResponseCode() == 200) {

is = connection.getInputStream();

// 对输入流对象进行包装:charset根据工作项目组的要求来设置

br = new BufferedReader(new InputStreamReader(is, "UTF-8"));

StringBuffer sbf = new StringBuffer();

String temp = null;

// 循环遍历一行一行读取数据

while ((temp = br.readLine()) != null) {

sbf.append(temp);

sbf.append("\r\n");

}

result = sbf.toString();

}

} catch (MalformedURLException e) {

e.printStackTrace();

} catch (IOException e) {

e.printStackTrace();

} finally {

// 关闭资源

if (null != br) {

try {

br.close();

} catch (IOException e) {

e.printStackTrace();

}

}

if (null != os) {

try {

os.close();

} catch (IOException e) {

e.printStackTrace();

}

}

if (null != is) {

try {

is.close();

} catch (IOException e) {

e.printStackTrace();

}

}

// 断开与远程地址url的连接

connection.disconnect();

}

return result;

}

private static void trustAllHosts() {

// Create a trust manager that does not validate certificate chains

TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {

public java.security.cert.X509Certificate[] getAcceptedIssuers() {

return new java.security.cert.X509Certificate[] {};

}

public void checkClientTrusted(X509Certificate[] chain, String authType) {

}

public void checkServerTrusted(X509Certificate[] chain, String authType) {

}

} };

// Install the all-trusting trust manager

try {

SSLContext sc = SSLContext.getInstance("TLS");

sc.init(null, trustAllCerts, new java.security.SecureRandom());

HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());

} catch (Exception e) {

e.printStackTrace();

}

}

private final static HostnameVerifier DO_NOT_VERIFY = new HostnameVerifier() {

public boolean verify(String hostname, SSLSession session) {

return true;

}

};

}

PHP语言

function httpPost($url, $content) {

$ch = curl_init();

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); // 跳过证书检查

curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); // 从证书中检查SSL加密算法是否存在

curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

curl_setopt($ch, CURLOPT_URL, $url);

curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type','application/x-www-form-urlencoded'));

curl_setopt($ch, CURLOPT_POST, true);

curl_setopt($ch, CURLOPT_POSTFIELDS, $content);

$response = curl_exec($ch);

if($error=curl_error($ch)){

die($error);

}

curl_close($ch);

return $response;

}

$data = httpPost("http://www.baidu.com/", "");

$data = json_decode($data, true);

var_dump($data);

C#语言

using System;

using System.Collections.Generic;

using System.Text;

using System.Net;

using System.IO;

namespace SundrayApi

{

class Program

{

static void Main(string[] args)

{

string data = apiPost("http://www.baidu.com/", "");

Console.WriteLine(data);

Console.ReadLine();

}

static string apiPost(string url, string body)

{

string content = string.Empty;

try

{

/* 跳过ssl验证 */

ServicePointManager.ServerCertificateValidationCallback = (sender, certificate, chain, sslPolicyErrors) => true;

HttpWebRequest request = HttpWebRequest.Create(preUrl + url) as HttpWebRequest;

request.Method = "POST";

request.ContentType = "application/x-www-form-urlencoded";

byte[] data = Encoding.UTF8.GetBytes(body);

Stream newStream = request.GetRequestStream();

newStream.Write(data, 0, data.Length);

newStream.Close();

HttpWebResponse response = (HttpWebResponse)request.GetResponse();

Stream stream = response.GetResponseStream();

StreamReader reader = new StreamReader(stream, Encoding.UTF8);

content = reader.ReadToEnd();

reader.Close();

response.Close();

}

catch (Exception ex)

{

content = ex.ToString();

}

return content;

}

}

}

C/C++语言

c语言需要编译一下下,如下流程即可。

wget https://curl.haxx.se/download/curl-7.73.0.tar.gz

./configure

make

gcc test.c -l curl -L /root/c/curl/curl-7.73.0/lib/.libs -I /root/c/curl/curl-7.73.0/include

#include

#include

#include

#include

typedef struct {

char *memory;

size_t size;

} MemoryStruct;

static size_t WriteMemoryCallback(void *contents, size_t size, size_t nmemb, void *userp)

{

size_t realsize = size * nmemb;

MemoryStruct *mem = (MemoryStruct *)userp;

char *ptr = realloc(mem->memory, mem->size + realsize + 1);

if(ptr == NULL) { /* out of memory! */

printf("not enough memory (realloc returned NULL)\n");

return 0;

}

mem->memory = ptr;

memcpy(&(mem->memory[mem->size]), contents, realsize);

mem->size += realsize;

mem->memory[mem->size] = 0;

return realsize;

}

int httpPost(const char *url, char *data, int size)

{

int ret = -1;

if(url == NULL || data == NULL){

return ret;

}

CURL *curl = curl_easy_init();

struct curl_slist* headers;

long retcode = 0;

MemoryStruct chunk;

chunk.size = 0;

chunk.memory = malloc(1);

headers = curl_slist_append(headers, "Content-Type: application/x-www-form-urlencoded");

curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers);

curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0);

curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0);

curl_easy_setopt(curl, CURLOPT_POST, 1);

curl_easy_setopt(curl, CURLOPT_POSTFIELDS, data);

curl_easy_setopt(curl, CURLOPT_URL, url);

curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, WriteMemoryCallback);

curl_easy_setopt(curl, CURLOPT_WRITEDATA, (void *)&chunk);

CURLcode res = curl_easy_perform(curl);

curl_easy_getinfo(curl, CURLINFO_RESPONSE_CODE, &retcode);

if (res == CURLE_OK && retcode == 200) {

ret = 0;

if (chunk.size > 0) {

if (chunk.size > size)

chunk.size = size - 1; /* 超出限制,不拷贝 */

memcpy(data, chunk.memory, chunk.size);

}

data[chunk.size] = 0; /* 结束符 */

} else {

ret = -2;

}

curl_easy_cleanup(curl);

free(chunk.memory);

return ret;

}

int main(int argc, char *argv[])

{

int url_len = 128, data_len = 2048;

char *url = (char *)malloc(sizeof(char) * url_len);

char *data = (char *)malloc(sizeof(char) * data_len);

strcpy(url, "http://www.baidu.com/");

strcpy(data, "");

int ret = httpPost(url, data, data_len);

if (ret != 0) {

return ret;

}

printf("[%s]\n\n",data);

return 0;

}

shell语言

#!/bin/bash

# 使用 -k 参数忽略证书

data=$(curl -s -k "http://www.baidu.com/" -d "")

echo "$data"

总结

把常用编程语言的http忽略证书代码做个笔记,方便以后再来查看。本来想写写lua的,但是lua连socket都得编译个库来搞,还是以后有需求再搞搞吧。

另外再附上

爱分析
关注
  • 1
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
HttpClient对于https的支持和配置
qq_22752667的博客
09-02 3163
网上有许多对于https的支持配置,但是对于一些新手而言,显然不够直接拿来复制粘贴然后运行出来,所以今天就将整套代码拿出来与大家分享,希望指正错误和帮我优化代码
c# https请求忽略证书验证_C# 某些https无法访问
weixin_26872803的博客
01-12 570
先帖上关键代码:var url1 = "https://uatdatarewardsgateway.92jiangbei.com/";var json = "{\"date\":\"2020-05-21\"}";string msg1 = string.Empty;string msg2 = string.Empty;var result = HttpPost(url1,json,out msg1...
httpClient实例httpClient调用 http/https实例 忽略SSL验证
03-30
以上自己测试是可行的,直接拿过去导入即可,直接用main
.NET C# 使用HttpClient时忽略HTTPS证书
C# UWP开发技术探讨
06-13 8518
写了个爬虫爬一个网站的数据,本来一直好好的,结果今天发现有一段时间爬不到数据了,一检查发现他们的HTTPS证书过期了,导致抛异常。 于是,就想办法绕过这个Https证书的限制,在网上搜了一下,基本都是Java、.NETCore的,搜到几个说是.NET的,但实际都不可行,最后还是自己摸索和查看MSDN找到了解决办法,特此记录。 添加System.Net.Http.WebRequest的引用 ...
http忽略ssl认证
最新发布
weixin_54505261的博客
04-25 1150
httpclient证书忽略以及urlconnection证书忽略
C# .NET Core 使用HttpClient时忽略HTTPS证书
beautifull001的博客
12-24 2354
最近项目遇到HttpClient请求代理时报SSL认证失败,解决方案记录 var handler = new HttpClientHandler(); handler.ServerCertificateCustomValidationCallback = delegate { return true; }; var client = new HttpClient(handler); ...
C# 跳过SSL证书认证
weixin_43783990的博客
03-02 2280
C# 跳过SSL证书认证
httpclient使用详解
cuijieb的专栏
09-12 1434
Http协议的重要性相信不用我多说了,HttpClient相比传统JDK自带的URLConnection,增加了易用性和灵活性(具体区别,日后我们再讨论),它不仅是客户端发送Http请求变得容易,而且也方便了开发人员测试接口(基于Http协议的),即提高了开发的效率,也方便提高代码的健壮性。因此熟练掌握HttpClient是很重要的必修内容,掌握HttpClient后,相信对于Http协议的了解会
HttpClient4.5 实现https忽略SSL证书验证
09-22
使用HttpClient4.5实现https请求忽略SSL证书验证工具类
http过代理和忽略ssl证书
11-19
例如,在编程语言如Python的请求库中,可以通过设置忽略证书验证的选项来实现。但这只适用于开发测试环境,生产环境中绝对不能忽视证书验证,否则将严重违反网络安全最佳实践。 以下是一些关键步骤: 1. **配置...
httpclient4.5发送https请求验证证书
07-03
不会的可以在评论区留言哈,这是我自己做项目用到的。所以绝对可用!同时共享出来给到大家

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值