SslContextFactory sec = new SslContextFactory();
sec.setValidateCerts(false);
WebSocketClient client = new WebSocketClient(sec);
上面的代码是为Jetty WebSockets实现的,告诉java客户端禁用证书验证。有没有什么办法可以在Tomcat8 WebSockets(JSR-356)的Java API中实现相同的目标?
PS:我尝试了this方法。它不适用于Tomcat WebSockets的Secure WebSocket连接
答案 0 :(得分:2)
您是否生成了自签名证书并尝试使用它? 然后将自签名证书导入新密钥库,并将该密钥库用作客户端的信任存储区。
对于tyrus websocket客户端,我使用如下:
String keyStorePath = StompClientTest.class.getResource("/myapp.keystore").getPath();
System.getProperties().put("javax.net.debug", "all"); // debug your certificate checking
System.getProperties().put(SslContextConfigurator.KEY_STORE_FILE, keyStorePath);
System.getProperties().put(SslContextConfigurator.TRUST_STORE_FILE, keyStorePath);
System.getProperties().put(SslContextConfigurator.KEY_STORE_PASSWORD, "secret");
System.getProperties().put(SslContextConfigurator.TRUST_STORE_PASSWORD, "secret");
final SslContextConfigurator defaultConfig = new SslContextConfigurator();
defaultConfig.retrieve(System.getProperties());
SslEngineConfigurator sslEngineConfigurator = new SslEngineConfigurator(defaultConfig);
sslEngineConfigurator.setHostVerificationEnabled(false);
StandardWebSocketClient webSocketClient = new StandardWebSocketClient();
webSocketClient.getUserProperties().put(ClientProperties.SSL_ENGINE_CONFIGURATOR, sslEngineConfigurator);
对于tomcat在以下问题中阅读答案:https://stackoverflow.com/a/32205864/386213