Java 关闭JiraRestClient的ssl证书验证
我正试图通过atlassian rest api java框架连接到我的Jira:Java 关闭JiraRestClient的ssl证书验证,java,rest,ssl-certificate,jira,jira-rest-java-api,Java,Rest,Ssl Certificate,Jira,Jira Rest Java Api,我正试图通过atlassian rest api java框架连接到我的Jira: JiraRestClientFactory=new AsynchronousJiraRestClientFactory(); JiraRestClient=factory.createWithBasicHttpAuthentication(uri、用户名、密码); 但这会导致一个错误: javax.net.ssl.SSLHandshakeException:一般SSLEngine问题 PKIX路径生成失败:su
JiraRestClientFactory=new AsynchronousJiraRestClientFactory();
JiraRestClient=factory.createWithBasicHttpAuthentication(uri、用户名、密码);
但这会导致一个错误:
javax.net.ssl.SSLHandshakeException:一般SSLEngine问题
PKIX路径生成失败:sun.security.provider.certpath.SunCertPathBuilderException:找不到请求目标的有效证书路径
我想这是因为我对我的Jira使用了自签名证书。是否有一种方法可以至少出于开发目的对JiraRestClientFactory进行证书验证?将自签名证书添加到本地JVM信任库会更加谨慎 但是,您可能可以通过使用
AsynchronousJiraRestClientFactory.create(URI,HttpClient)
方法创建客户端对象来禁用检查。应该可以提供自己的HttpClient
实例来禁用证书验证。看起来Atlassian用自定义工厂和装饰器重新打包了Apache HttpClient库,因此您必须深入研究Atlassian HttpClient-*
库源代码
有com.atlassian.httpclient.api.factory.HttpClientOptions#setTrustSelfSignedCertificates(布尔)
标志。应该可以创建自己版本的AsynchronousHttpClientFactory#createClient(URI,AuthenticationHandler)
方法,其中当前创建了空的HttpClientOptions
:
public DisposableHttpClient createClient(final URI serverUri, final AuthenticationHandler authenticationHandler) {
final HttpClientOptions options = new HttpClientOptions();
options.setTrustSelfSignedCertificates(true); // try this
将自签名证书添加到本地JVM信任库会更为谨慎 但是,您可能可以通过使用
AsynchronousJiraRestClientFactory.create(URI,HttpClient)
方法创建客户端对象来禁用检查。应该可以提供自己的HttpClient
实例来禁用证书验证。看起来Atlassian用自定义工厂和装饰器重新打包了Apache HttpClient库,因此您必须深入研究Atlassian HttpClient-*
库源代码
有com.atlassian.httpclient.api.factory.HttpClientOptions#setTrustSelfSignedCertificates(布尔)
标志。应该可以创建自己版本的AsynchronousHttpClientFactory#createClient(URI,AuthenticationHandler)
方法,其中当前创建了空的HttpClientOptions
:
public DisposableHttpClient createClient(final URI serverUri, final AuthenticationHandler authenticationHandler) {
final HttpClientOptions options = new HttpClientOptions();
options.setTrustSelfSignedCertificates(true); // try this
你可以试试下面的方法。以下代码将跳过证书验证,并使用CloseableHTTPClient实例访问Jira rest API
private void getTicketDetails(URI url, String userid, String password)
throws NoSuchAlgorithmException, KeyManagementException {
TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
@Override
public void checkClientTrusted(java.security.cert.X509Certificate[] arg0, String arg1)
throws CertificateException {
}
@Override
public void checkServerTrusted(java.security.cert.X509Certificate[] arg0, String arg1)
throws CertificateException {
}
} };
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new SecureRandom());
JiraRestClientFactory factory = new AsynchronousJiraRestClientFactory();
CredentialsProvider credsProvider = new BasicCredentialsProvider();
credsProvider.setCredentials(new AuthScope(url.getHost(), url.getPort()),
new UsernamePasswordCredentials(userid, password));
CloseableHttpClient httpClient = HttpClients.custom().setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE)
.setSslcontext(sc).setDefaultCredentialsProvider(credsProvider).build();
JiraRestClient client = factory.create(url, (HttpClient) httpClient);
}
你可以试试下面的方法。以下代码将跳过证书验证,并使用CloseableHTTPClient实例访问Jira rest API
private void getTicketDetails(URI url, String userid, String password)
throws NoSuchAlgorithmException, KeyManagementException {
TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
@Override
public void checkClientTrusted(java.security.cert.X509Certificate[] arg0, String arg1)
throws CertificateException {
}
@Override
public void checkServerTrusted(java.security.cert.X509Certificate[] arg0, String arg1)
throws CertificateException {
}
} };
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new SecureRandom());
JiraRestClientFactory factory = new AsynchronousJiraRestClientFactory();
CredentialsProvider credsProvider = new BasicCredentialsProvider();
credsProvider.setCredentials(new AuthScope(url.getHost(), url.getPort()),
new UsernamePasswordCredentials(userid, password));
CloseableHttpClient httpClient = HttpClients.custom().setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE)
.setSslcontext(sc).setDefaultCredentialsProvider(credsProvider).build();
JiraRestClient client = factory.create(url, (HttpClient) httpClient);
}
谢谢你的回复!我最终得出的解决方案基于Karol Dowbeckis的答案:
JiraRestClientFactory=new AsynchronousJiraRestClientFactory();
HttpClientOptions选项=新的HttpClientOptions();
options.setTrustSelfSignedCertificates(true);
DefaultHttpClientFactory DefaultHttpClientFactory=新的DefaultHttpClientFactory(新的NoOpEventPublisher(),
新的RestClientApplicationProperties(JIRA_URI),新的ThreadLocalContextManager(){
@凌驾
公共对象getThreadLocalContext(){
返回null;
}
@凌驾
public void setThreadLocalContext(对象上下文){
}
@凌驾
public void clearThreadLocalContext(){
}
});
HttpClient HttpClient=defaultHttpClientFactory.create(选项);
AtlassianHttpClientDecorator AtlassianHttpClientDecorator=新的AtlassianHttpClientDecorator(httpClient,新的BasicHttpAuthenticationHandler(用户名、密码)){
@凌驾
public void destroy()引发异常{
defaultHttpClientFactory.dispose(httpClient);
}
};
JiraRestClient=factory.create(JIRA_URI,atlassianHttpClientDecorator);
我不得不添加自己的NoOpEventPublisher
和RestClientApplicationProperties
的简单实现,因为atlassian类是私有的
此代码示例的附加信息
- 本例使用的是jira rest客户端版本4.0.0
只是带有空方法体的NoOpEventPublisher
com.atlassian.event.api.EventPublisher的一个实现
实现RestClientApplicationProperties
在com.atlassian.sal.api.ApplicationProperties
中返回我的jira url,在getBaseUrl
中返回“4.0.0”getVersion
- 感谢您的回复!我最终得出的解决方案基于Karol Dowbeckis的答案:
JiraRestClientFactory=new AsynchronousJiraRestClientFactory();
HttpClientOptions选项=新的HttpClientOptions();
options.setTrustSelfSignedCertificates(true);
DefaultHttpClientFactory DefaultHttpClientFactory=新的DefaultHttpClientFactory(新的NoOpEventPublisher(),
新的RestClientApplicationProperties(JIRA_URI),新的ThreadLocalContextManager(){
@凌驾
公共对象getThreadLocalContext(){
返回null;
}
@凌驾
public void setThreadLocalContext(对象上下文){
}
@凌驾
public void clearThreadLocalContext(){
}
});
HttpClient HttpClient=defaultHttpClientFactory.create(选项);
AtlassianHttpClientDecorator AtlassianHttpClientDecorator=新的AtlassianHttpClientDecorator(httpClient,新的BasicHttpAuthenticationHandler(用户名、密码)){
@凌驾
public void destroy()引发异常{
defaultHttpClientFactory.dispose(httpClient);
}