https网站服务器都是有证书的。 是由网站自己的服务器签发的,并不被浏览器或操作系统广泛接受。
在使用CloseableHttpClient时经常遇到证书错误(知乎的网站就是这样)
现在需要SSL绕过证书,下面直接贴出代码,调用时只需要在发送请求后 new HttpsBerBer(文件的字节码) ;
1 import javax.net.ssl.HostnameVerifier; 2 import javax.net.ssl.HttpsURLConnection; 3 import javax.net.ssl.SSLSession; 4 import java.util.logging.Logger; 5 6 public class HttpsBerBer { 7 public HttpsBerBer(String name) throws Exception { 8 logger = Logger.getLogger(name); 9 trustAllHttpsCertificates(); 10 HostnameVerifier hv = new HostnameVerifier() { 11 public boolean verify(String urlHostName, SSLSession session) { 12 logger.info("Warning: URL Host: " + urlHostName + " vs. " + session.getPeerHost()); 13 return true; 14 } 15 }; 16 HttpsURLConnection.setDefaultHostnameVerifier(hv); 17 } 18 private static Logger logger ; 19 private static void trustAllHttpsCertificates() throws Exception { 20 javax.net.ssl.TrustManager[] trustAllCerts = new javax.net.ssl.TrustManager[1]; 21 javax.net.ssl.TrustManager tm = new miTM(); 22 trustAllCerts[0] = tm; 23 javax.net.ssl.SSLContext sc = javax.net.ssl.SSLContext 24 .getInstance("SSL"); 25 sc.init(null, trustAllCerts, null); 26 javax.net.ssl.HttpsURLConnection.setDefaultSSLSocketFactory(sc 27 .getSocketFactory()); 28 } 29 static class miTM implements javax.net.ssl.TrustManager, 30 javax.net.ssl.X509TrustManager { 31 public java.security.cert.X509Certificate[] getAcceptedIssuers() { 32 return null; 33 } 34 35 public boolean isServerTrusted( 36 java.security.cert.X509Certificate[] certs) { 37 return true; 38 } 39 40 public boolean isClientTrusted( 41 java.security.cert.X509Certificate[] certs) { 42 return true; 43 } 44 45 public void checkServerTrusted( 46 java.security.cert.X509Certificate[] certs, String authType) 47 throws java.security.cert.CertificateException { 48 return; 49 } 50 51 public void checkClientTrusted( 52 java.security.cert.X509Certificate[] certs, String authType) 53 throws java.security.cert.CertificateException { 54 return; 55 } 56 } 57 }
