关于如何使Apache Commons HttpClient 3.1忽略HTTPS证书无效,我们可以通过以下几个步骤来实现:
<groupId>commons-httpclient</groupId>
<artifactId>commons-httpclient</artifactId>
<version>3.1</version>
</dependency>
SecureProtocolSocketFactory
,用于忽略HTTPS证书验证。以下是一个简单的实现:import org.apache.commons.httpclient.protocol.ProtocolSocketFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import java.io.IOException;
import java.net.InetAddress;
import java.net.Socket;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
public class TrustAllProtocolSocketFactory implements ProtocolSocketFactory {
private SSLContext sslContext = null;
public TrustAllProtocolSocketFactory() {
try {
this.sslContext = SSLContext.getInstance("SSL");
this.sslContext.init(null, new TrustManager[]{new TrustAllTrustManager()}, null);
} catch (Exception e) {
e.printStackTrace();
}
}
@Override
public Socket createSocket(String host, int port, InetAddress localAddress, int localPort) throws IOException {
return this.sslContext.getSocketFactory().createSocket(host, port, localAddress, localPort);
}
@Override
public Socket createSocket(String host, int port, InetAddress localAddress, int localPort, HttpConnectionParams params) throws IOException {
return this.sslContext.getSocketFactory().createSocket(host, port, localAddress, localPort);
}
@Override
public Socket createSocket(String host, int port) throws IOException {
return this.sslContext.getSocketFactory().createSocket(host, port);
}
private static class TrustAllTrustManager implements X509TrustManager {
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
}
}
TrustAllProtocolSocketFactory
注册到Apache Commons HttpClient 3.1中,以便在使用HTTPS时忽略证书验证。以下是如何注册自定义的TrustAllProtocolSocketFactory
的示例:import org.apache.commons.httpclient.protocol.Protocol;
import org.apache.commons.httpclient.protocol.ProtocolSocketFactory;
public class HttpClientUtils {
public static void registerTrustAllProtocolSocketFactory() {
ProtocolSocketFactory protocolSocketFactory = new TrustAllProtocolSocketFactory();
Protocol.registerProtocol("https", new Protocol("https", (ProtocolSocketFactory) protocolSocketFactory, 443));
}
}
HttpClientUtils.registerTrustAllProtocolSocketFactory()
方法来注册自定义的TrustAllProtocolSocketFactory
。这样,Apache Commons HttpClient 3.1就会在使用HTTPS时忽略证书验证了。请注意,这种方法会导致所有HTTPS连接都不进行证书验证,因此存在安全风险。在实际生产环境中,请务必谨慎使用。
领取专属 10元无门槛券
手把手带您无忧上云