Java 如何使用ApacheHttpClient忽略SSL证书错误,但记录它
有很多关于如何使用ApacheHttpClient忽略SSL证书的示例;我创建了一个客户机。到现在为止,一直都还不错。问题是,当证书无效时,客户端盲目地接受它,就像我告诉它的一样。但我不想静静地接受它;我想记录某种警告,让我知道接受了无效的证书 有没有办法做到这一点Java 如何使用ApacheHttpClient忽略SSL证书错误,但记录它,java,ssl,httpclient,apache-httpclient-4.x,apache-httpcomponents,Java,Ssl,Httpclient,Apache Httpclient 4.x,Apache Httpcomponents,有很多关于如何使用ApacheHttpClient忽略SSL证书的示例;我创建了一个客户机。到现在为止,一直都还不错。问题是,当证书无效时,客户端盲目地接受它,就像我告诉它的一样。但我不想静静地接受它;我想记录某种警告,让我知道接受了无效的证书 有没有办法做到这一点 注意:这是用于内部工具,而不是产品代码。我理解并接受忽略证书的风险,因此,请不要开始“比你更神圣”的讲座。这只是一个简单的装饰X509TrustManager实例传递给SSLContext\init方法的问题 static clas
注意:这是用于内部工具,而不是产品代码。我理解并接受忽略证书的风险,因此,请不要开始“比你更神圣”的讲座。这只是一个简单的装饰
X509TrustManager
实例传递给SSLContext\init
方法的问题
static class TrustManagerDelegate implements X509TrustManager {
private final X509TrustManager trustManager;
TrustManagerDelegate(final X509TrustManager trustManager) {
super();
this.trustManager = trustManager;
}
@Override
public void checkClientTrusted(
final X509Certificate[] chain, final String authType) throws CertificateException {
trustManager.checkClientTrusted(chain, authType);
}
@Override
public void checkServerTrusted(
final X509Certificate[] chain, final String authType) {
try {
trustManager.checkServerTrusted(chain, authType);
} catch (CertificateException ex) {
// Implement proper logging;
System.out.println(chain[0]);
ex.printStackTrace(System.out);
}
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return trustManager.getAcceptedIssuers();
}
}
TrustManagerFactory tmfactory=TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmfactory.init((密钥库)null);
最终信任管理器[]tms=tmfactory.getTrustManager();
如果(tms!=null){
对于(int i=0;i
证明了证书例外
在告诉我失败的域名时是毫无用处的。我最后做了一件事
TrustManagerFactory tmfactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmfactory.init((KeyStore) null);
final TrustManager[] tms = tmfactory.getTrustManagers();
if (tms != null) {
for (int i = 0; i < tms.length; i++) {
final TrustManager tm = tms[i];
if (tm instanceof X509TrustManager) {
tms[i] = new TrustManagerDelegate((X509TrustManager) tm);
}
}
}
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, tms, null);
CloseableHttpClient client = HttpClientBuilder.create()
.setSSLContext(sslContext)
.build();