Groovy 有没有更简单的方法告诉HTTPBuilder忽略无效的证书?
根据,您可以通过一个相当繁琐的过程手动从浏览器导出证书并在本地识别它。有没有什么类似于curl的Groovy 有没有更简单的方法告诉HTTPBuilder忽略无效的证书?,groovy,httpbuilder,Groovy,Httpbuilder,根据,您可以通过一个相当繁琐的过程手动从浏览器导出证书并在本地识别它。有没有什么类似于curl的--不安全的开关的方法来实现这一点?找到了一种不涉及证书导入或httpbuilder黑客的方法 //== HTTPBUILDER IMPORTS @Grab(group='org.codehaus.groovy.modules.http-builder', module='http-builder', version='0.5.0-RC2' ) import groovyx.net.http.* im
--不安全的//== HTTPBUILDER IMPORTS
@Grab(group='org.codehaus.groovy.modules.http-builder', module='http-builder', version='0.5.0-RC2' )
import groovyx.net.http.*
import static groovyx.net.http.ContentType.*
import static groovyx.net.http.Method.*
//== END HTTPBUILDER IMPORTS
import javax.net.ssl.X509TrustManager
import javax.net.ssl.SSLContext
import java.security.cert.X509Certificate
import javax.net.ssl.TrustManager
import java.security.SecureRandom
import org.apache.http.conn.ssl.SSLSocketFactory
import org.apache.http.conn.scheme.Scheme
import org.apache.http.conn.scheme.SchemeRegistry
def http = new HTTPBuilder( "https://your_unsecure_certificate_host" )
//=== SSL UNSECURE CERTIFICATE ===
def sslContext = SSLContext.getInstance("SSL")
sslContext.init(null, [ new X509TrustManager() {public X509Certificate[]
getAcceptedIssuers() {null }
public void checkClientTrusted(X509Certificate[] certs, String authType) { }
public void checkServerTrusted(X509Certificate[] certs, String authType) { }
} ] as TrustManager[], new SecureRandom())
def sf = new SSLSocketFactory(sslContext, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER)
def httpsScheme = new Scheme("https", sf, 443)
http.client.connectionManager.schemeRegistry.register( httpsScheme )
//================================
//do your http call with the http object
http.request( ....
ignoreSSLIssues()
有关此方法的更多信息:(底部部分)您可以安装自己的信任管理器和主机名验证程序来跳过SSL证书检查:此处报告->但尚未响应。
新建SSLSocketFactory(sslContext,SSLSocketFactory.ALLOW_ALL_主机名验证程序)def sf=new SSLSocketFactory(sslContext)sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER)