本文轉自:https://www.cnblogs.com/jtwbdm/p/11507121.html
當初聯調某網站API(https),對方卻未提供SSL證書,且一再強調無需證書,只好通過搜索網絡資源設法繞過HTTPS證書驗證。
原文博主的方法正好符合我的需求,轉載至此以做個人記錄。
正文:
調用SkipHttpsUtil.wrapClient方法獲取httpclien對象,通過該對象(可強轉為CloseableHttpClient)發送請求,即可跳過https證書驗證。
skipHttpsUtil類
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.apache.http.client.HttpClient;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.log4j.Logger;
/**
* Description: httpclient跳過https驗證
*/
public class SkipHttpsUtil {
private static Logger logger = Logger.getLogger(SkipHttpsUtil.class);
//繞過證書
public static HttpClient wrapClient() {
try {
SSLContext ctx = SSLContext.getInstance("TLS");
X509TrustManager tm = new X509TrustManager() {
public X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkClientTrusted(X509Certificate[] arg0,
String arg1) throws CertificateException {
}
public void checkServerTrusted(X509Certificate[] arg0,
String arg1) throws CertificateException {
}
};
ctx.init(null, new TrustManager[] { tm }, null);
SSLConnectionSocketFactory ssf = new SSLConnectionSocketFactory(
ctx, NoopHostnameVerifier.INSTANCE);
CloseableHttpClient httpclient = HttpClients.custom()
.setSSLSocketFactory(ssf).build();
return httpclient;
} catch (Exception e) {
return HttpClients.createDefault();
}
}
}