JAVA忽略证书返回403,java HttpClient 忽略证书的信任的实现 MySSLProtocolSocketFactory

packagecom.tgb.mq.producer.utils;importjava.io.IOException;importjava.net.InetAddress;importjava.net.InetSocketAddress;importjava.net.Socket;importjava.net.SocketAddress;importjava.net.UnknownHostException;importjava.security.KeyManagementException;importjava.security.NoSuchAlgorithmException;importjava.security.SecureRandom;importjava.security.cert.CertificateException;importjava.security.cert.X509Certificate;importjavax.net.ssl.SSLContext;importjavax.net.ssl.SSLSocketFactory;importjavax.net.ssl.TrustManager;importjavax.net.ssl.X509TrustManager;importorg.apache.commons.httpclient.ConnectTimeoutException;importorg.apache.commons.httpclient.params.HttpConnectionParams;importorg.apache.commons.httpclient.protocol.SecureProtocolSocketFactory;importorg.slf4j.Logger;importorg.slf4j.LoggerFactory;public class MySSLProtocolSocketFactory implementsSecureProtocolSocketFactory {private static final Logger logger = LoggerFactory.getLogger(MySSLProtocolSocketFactory.class);private static SSLContext context = null;

SSLContext createSSLContext() {try{

context= SSLContext.getInstance("SSL");

context.init(null, new TrustManager[] { new TrustAnyTrustManager() }, newSecureRandom());

}catch(NoSuchAlgorithmException e) {

logger.debug(e.getMessage());

}catch(KeyManagementException e) {

logger.debug(e.getMessage());

}returncontext;

}

SSLContext getSSLContext() {if (context != null) {returncreateSSLContext();

}else{returncontext;

}

}

@Overridepublic Socket createSocket(String host, int port) throwsIOException, UnknownHostException {returngetSSLContext().getSocketFactory().createSocket(host, port);

}

@Overridepublic Socket createSocket(String host, int port, InetAddress localHost, int localPort) throwsIOException, UnknownHostException {returngetSSLContext().getSocketFactory().createSocket(host, port, localHost, localPort);

}

@Overridepublic Socket createSocket(Socket socket, String host, int port, boolean autoClose) throwsIOException, UnknownHostException {returngetSSLContext().getSocketFactory().createSocket(socket, host, port, autoClose);

}

@Overridepublic Socket createSocket(String host, int port, InetAddress localHost, intlocalPort, HttpConnectionParams arg4)throwsIOException, UnknownHostException, ConnectTimeoutException {if (arg4 == null) {try{throw new Exception("参数为空");

}catch(Exception e) {

logger.debug(e.getMessage());

}

}int timeout =arg4.getConnectionTimeout();

SSLSocketFactory socketFactory=getSSLContext().getSocketFactory();if (timeout == 0) {returnsocketFactory.createSocket(host, port, localHost, localPort);

}else{

Socket socket=socketFactory.createSocket();

SocketAddress localAdd= newInetSocketAddress(localHost, localPort);

SocketAddress remoteAdd= newInetSocketAddress(host, port);

socket.bind(remoteAdd);

socket.connect(localAdd, timeout);returnsocket;

}

}//自定义

private static class TrustAnyTrustManager implementsX509TrustManager {

@Overridepublic void checkClientTrusted(X509Certificate[] chain, String authType) throwsCertificateException {//重写x509TrustManager中的checkClentTrusted方法,为空默认客户端是可信的

}

@Overridepublic void checkServerTrusted(X509Certificate[] chain, String authType) throwsCertificateException {//重写x509TrustManager中的checkServerTrusted方法,为空默认服务器是可信的

}

@OverridepublicX509Certificate[] getAcceptedIssuers() {//重写x509TrustManager中的getAcceptedIssuers方法,默认接受发行人的证书为空

return newX509Certificate[] {};

}

}

}