我正试图绕过我的连接的SSL检查 - SSLSocketFactory sslsocketfactory =(SSLSocketFactory)SSLSocketFactory.getDefault();
我到目前为止看到的所有示例(如Trusting all certificates using HttpClient over HTTPS)都是针对HTTPClient的。任何人都可以了解如何为SSLSocketFactory做同样的事情吗?我正在尝试与我的安全服务器建立SSL连接。
由于
答案 0 :(得分:-1)
我不会使用“SSLSocketFactory sslsocketfactory =(SSLSocketFactory)SSLSocketFactory.getDefault();”在我的示例中,您将看到如何获得不检查任何证书的sslSocket。但我无法建议
import java.net.Socket;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509ExtendedTrustManager;
class AnyTrust extends X509ExtendedTrustManager {
static final X509Certificate[] ANY_CA = {};
@Override public X509Certificate[] getAcceptedIssuers() { return ANY_CA; }
@Override public void checkServerTrusted(final X509Certificate[] c, final String t) {}
@Override public void checkClientTrusted(final X509Certificate[] c, final String t) { }
@Override public void checkServerTrusted(final X509Certificate[] c, final String t, final SSLEngine e) { }
@Override public void checkServerTrusted(final X509Certificate[] c, final String t, final Socket e) { }
@Override public void checkClientTrusted(final X509Certificate[] c, final String t, final SSLEngine e) { }
@Override public void checkClientTrusted(final X509Certificate[] c, final String t, final Socket e) { }
}
public class S1 {
public static final void main(final String [] argc) throws Throwable {
final SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, new TrustManager[]{new AnyTrust()}, null);
final SSLSocketFactory sslsocketFactory = sslContext.getSocketFactory();
}
}