我的范围是发送一条https消息,信任来自嵌入式Linux模块上的Java应用程序的所有证书,其上有一个JVM(IcedTea6 1.11,Java版本1.6.0_24)(作为Info我无法访问此嵌入式Linux或到JVM进行任何更改,我只能把编译好的java应用程序放在上面。)
我只有基本的Java知识,但我在网上找到了一个信任所有证书的应用程序。 一开始我在线上有一个错误
SSLContext sc = SSLContext.getInstance(“SSL”);
我发现问题是SunJSSE Provider没有在JVM中实现。 我的第一步是添加SunJSSE提供程序
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
之后,如果我读出提供程序,我可以看到添加成功,现在我找到了提供程序“SunJSSE 1.6版”。 Trust all Certificate Class如下:
public final class TrustAllCertificates implements X509TrustManager, HostnameVerifier
{
public X509Certificate[] getAcceptedIssuers() {return null;}
public void checkClientTrusted(X509Certificate[] certs, String authType) {}
public void checkServerTrusted(X509Certificate[] certs, String authType) {}
public boolean verify(String hostname, SSLSession session) {return true;}
public static void install()
{
try
{
TrustAllCertificates trustAll = new TrustAllCertificates();
final SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, new TrustManager[]{trustAll}, new java.security.SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
HttpsURLConnection.setDefaultHostnameVerifier(trustAll);
}
catch (Exeption e)
{
JatLog.writeTempLog("Error: " + e.getMessage());
}
}
}
现在我总是收到错误
访问被拒绝(java.lang.RuntimePermission setFactory)
执行行
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
有人知道如何解决这个问题吗?
答案 0 :(得分:0)
看起来像SecurityManager阻止它。尝试单个连接的设置:
SSLContext sc = SSLContext.getInstance("SSL");
TrustAllCertificates trustAll = new TrustAllCertificates();
sc.init(null, new TrustManager[] { trustAll }, new java.security.SecureRandom());
URL url = new URL("https://www.google.com/");
URLConnection urlConnection = url.openConnection();
if (urlConnection instanceof HttpsURLConnection) {
HttpsURLConnection uc = (HttpsURLConnection) urlConnection;
uc.setSSLSocketFactory(sc.getSocketFactory());
uc.setHostnameVerifier(trustAll);
uc.connect();
JatLog.writeTempLog("headers: "+uc.getHeaderFields());
uc.disconnect();
}
如果这不能帮助瑞典人更新安全管理器设置;)
HTH