Java跳过证书访问HTTPS详细代码示例
作者:李奈 - Leemon
在访问HTTPS网站时,Java会默认检查SSL证书是否有效,如果证书无效,则会阻止访问,这篇文章主要给大家介绍了关于Java跳过证书访问HTTPS的相关资料,需要的朋友可以参考下
前言
java直接发送请求访问https地址的时候,若没有导入证书,会出现各种问题,如307。
以下会以是否SpringBoot来解决这个问题,做法一致,都是绕过证书进行处理的。
一,非Spring方式
创建一个请求代理类,为所有的HTTPS请求访问前做一下操作
public class IgnoreHttpsProxyRequest {
/**
* 通過HTTPS的url登錄
* @param urlStr 目標url
* @return 查詢結果
* @throws IOException
* @throws NoSuchAlgorithmException
* @throws KeyManagementException
*/
public String get(String urlStr, String token, String type) throws IOException, NoSuchAlgorithmException, KeyManagementException {
//繞過https
HttpsURLConnection.setDefaultHostnameVerifier(new IgnoreHttpsProxyRequest().new NullHostNameVerifier());
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, trustManagers, new SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory());
//建立連接
URL url = new URL(urlStr);
HttpURLConnection connection = (HttpURLConnection) url.openConnection();
connection.setRequestMethod(type);
connection.setRequestProperty(HttpHeaders.AUTHORIZATION, "Bearer " + token);
connection.connect();
//獲取查詢結果
InputStream inputStream = connection.getInputStream();
if (inputStream == null) {
return null;
}
BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream));
StringBuilder sb = new StringBuilder();
String tmp = null;
while ((tmp = bufferedReader.readLine()) != null) {
sb.append(tmp);
}
bufferedReader.close();
inputStream.close();
return sb.toString();
}
static TrustManager[] trustManagers = new TrustManager[] {
new X509TrustManager() {
@Override
public void checkClientTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {
}
@Override
public void checkServerTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return null;
}
}
};
public class NullHostNameVerifier implements HostnameVerifier {
@Override
public boolean verify(String s, SSLSession sslSession) {
return true;
}
}
}
二,SpringBoot方式
先创建一个跳过证书验证,信任所有站点的请求客户端factory
package com.foxconn.dsc.matrix.api;
import org.springframework.http.client.SimpleClientHttpRequestFactory;
import javax.net.ssl.*;
import java.io.IOException;
import java.net.HttpURLConnection;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
/**
* @ClassName: SkipHttpsRequestFactory
* @Description:
* @author: lemon
* @date: 2023/9/14 13:56
*/
public class SkipHttpsRequestFactory extends SimpleClientHttpRequestFactory {
@Override
protected void prepareConnection(HttpURLConnection connection, String httpMethod) throws IOException {
if (connection instanceof HttpsURLConnection) {
prepareHttpsConnection((HttpsURLConnection) connection);
}
super.prepareConnection(connection, httpMethod);
}
private void prepareHttpsConnection(HttpsURLConnection connection) {
connection.setHostnameVerifier(new SkipHostnameVerifier());
try {
connection.setSSLSocketFactory(createSslSocketFactory());
} catch (Exception ex) {
// Ignore
}
}
private SSLSocketFactory createSslSocketFactory() throws Exception {
SSLContext context = SSLContext.getInstance("TLS");
context.init(null, new TrustManager[] { new SkipX509TrustManager() }, new SecureRandom());
return context.getSocketFactory();
}
private class SkipHostnameVerifier implements HostnameVerifier {
@Override
public boolean verify(String s, SSLSession sslSession) {
return true;
}
}
private static class SkipX509TrustManager implements X509TrustManager {
@Override
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType) {
}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType) {
}
}
}注入RestTemplate类时,构造时将该工厂类加上。
@Bean
public RestTemplate restTemplate() {
SimpleClientHttpRequestFactory factory = new SkipHttpsRequestFactory();
RestTemplate restTemplate = new RestTemplate(factory);
return restTemplate;
}
使用时将其注入
@Resource private RestTemplate restTemplate;
配置完毕之后,就可以直接调用了
ResponseEntity<String> response = restTemplate.exchange(builder.build().encode().toUri(), HttpMethod.GET, entity, String.class);
总结
到此这篇关于Java跳过证书访问HTTPS的文章就介绍到这了,更多相关Java跳过证书访问HTTPS内容请搜索脚本之家以前的文章或继续浏览下面的相关文章希望大家以后多多支持脚本之家!