Fatal编程技术网
  • java/
  • Java jsp如何打开随机https url?

Java jsp如何打开随机https url?

java jsp ssl

Java jsp如何打开随机https url?,java,jsp,ssl,Java,Jsp,Ssl,我想阅读用户输入的https URL的内容,我们没有任何关于证书密钥和jks等的数据: <!DOCTYPE html> <html> <head> <title>Total Synthesis of Fidaxomicin | | download</title> </head> <body> <form action="testSSL.jsp"> <input

我想阅读用户输入的https URL的内容,我们没有任何关于证书密钥和jks等的数据:

<!DOCTYPE html>
<html>
<head>
    <title>Total Synthesis of Fidaxomicin |  | download</title>
</head>
<body>
    <form action="testSSL.jsp">
        <input name="sslRandomUrl" type="text">
        <input type="submit" value="opensslUrl" >
    </form>
</body>


Fidaxomicin的全合成| |下载

这是jsp:

<%@page import="java.net.URL"%>
<%@page import="javax.net.ssl.HttpsURLConnection"%>
<%@page import="java.io.InputStreamReader"%>
<%@page import="java.io.BufferedReader"%>
<%@page contentType="text/html" pageEncoding="UTF-8"%>

    <%
        String url = request.getParameter("sslRandomUrl");
        System.out.println("How to open like web browser? >>>"+url);
        URL pdfContainerUrl = new URL(url);
        HttpsURLConnection conn2 = (HttpsURLConnection) pdfContainerUrl.openConnection();// دقت شود https 
        StringBuilder result = new StringBuilder();
        conn2.setRequestMethod("GET");
        BufferedReader br2 = new BufferedReader(new InputStreamReader(conn2.getInputStream(), "UTF-8"));
        String line2;
        while ((line2 = br2.readLine()) != null) {
            result.append(line2);
            System.out.println(line2);
        }
        out.print(result);
    %>
但对于许多URL,我都有以下错误:

ValidatorException:PKIX路径生成失败:sun.security.provider.certpath.SunCertPathBuilderException:找不到请求目标的有效证书路径

如何强制jdk打开所有https URL?

您可以尝试在JSP中插入以下内容:

    /* Start of Fix */
    TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
        public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; }
        public void checkClientTrusted(X509Certificate[] certs, String authType) { }
        public void checkServerTrusted(X509Certificate[] certs, String authType) { }

    } };

    SSLContext sc = SSLContext.getInstance("SSL");
    sc.init(null, trustAllCerts, new java.security.SecureRandom());
    HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());

    // Create all-trusting host name verifier
    HostnameVerifier allHostsValid = new HostnameVerifier() {
        public boolean verify(String hostname, SSLSession session) { return true; }
    };
    // Install the all-trusting host verifier
    HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid);
    /* End of the fix*/
来源:

如果覆盖此项,您会意识到安全隐患吗?亲爱的朋友,安全隐患有任何问题,请只使用代码。可能的错误重复:不是抽象的,不会覆盖X509TrustManager中的抽象方法checkServerTrusted(X509Certificate[],String)----