Java跳过证书访问HTTPS

Java跳过证书访问HTTPS

文章目录

java直接发送请求访问https地址的时候,若没有导入证书,会出现各种问题,如307。

以下会以是否SpringBoot来解决这个问题,做法一致,都是绕过证书进行处理的。

一,非Spring方式

创建一个请求代理类,为所有的HTTPS请求访问前做一下操作

java 复制代码
public class IgnoreHttpsProxyRequest {

	/**
	 * 通過HTTPS的url登錄
	 * @param urlStr 目標url
	 * @return	查詢結果
	 * @throws IOException
	 * @throws NoSuchAlgorithmException
	 * @throws KeyManagementException
	 */
	public String get(String urlStr, String token, String type) throws IOException, NoSuchAlgorithmException, KeyManagementException {
		//繞過https
		HttpsURLConnection.setDefaultHostnameVerifier(new IgnoreHttpsProxyRequest().new NullHostNameVerifier());
		SSLContext sslContext = SSLContext.getInstance("TLS");
		sslContext.init(null, trustManagers, new SecureRandom());
		HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory());
		//建立連接
		URL url = new URL(urlStr);
		HttpURLConnection connection = (HttpURLConnection) url.openConnection();
		connection.setRequestMethod(type);
		connection.setRequestProperty(HttpHeaders.AUTHORIZATION, "Bearer " + token);
		connection.connect();
		//獲取查詢結果
		InputStream inputStream = connection.getInputStream();
		if (inputStream == null) {
			return null;
		}
		BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream));
		StringBuilder sb = new StringBuilder();
		String tmp = null;
		while ((tmp = bufferedReader.readLine()) != null) {
			sb.append(tmp);
		}
		bufferedReader.close();
		inputStream.close();
		return sb.toString();

	}

	static TrustManager[] trustManagers = new TrustManager[] {
				new X509TrustManager() {
					@Override
					public void checkClientTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {

					}

					@Override
					public void checkServerTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {

					}

					@Override
					public X509Certificate[] getAcceptedIssuers() {
						return null;
					}
				}
		};

    public class NullHostNameVerifier implements HostnameVerifier {

		@Override
		public boolean verify(String s, SSLSession sslSession) {
			return true;
		}
	}

}

二,SpringBoot方式

先创建一个跳过证书验证,信任所有站点的请求客户端factory

java 复制代码
package com.foxconn.dsc.matrix.api;

import org.springframework.http.client.SimpleClientHttpRequestFactory;

import javax.net.ssl.*;
import java.io.IOException;
import java.net.HttpURLConnection;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;

/**
 * @ClassName: SkipHttpsRequestFactory
 * @Description:
 * @author: lemon
 * @date: 2023/9/14 13:56
 */
public class SkipHttpsRequestFactory extends SimpleClientHttpRequestFactory {

    @Override
    protected void prepareConnection(HttpURLConnection connection, String httpMethod) throws IOException {
        if (connection instanceof HttpsURLConnection) {
            prepareHttpsConnection((HttpsURLConnection) connection);
        }
        super.prepareConnection(connection, httpMethod);
    }

    private void prepareHttpsConnection(HttpsURLConnection connection) {
        connection.setHostnameVerifier(new SkipHostnameVerifier());
        try {
            connection.setSSLSocketFactory(createSslSocketFactory());
        } catch (Exception ex) {
            // Ignore
        }
    }

    private SSLSocketFactory createSslSocketFactory() throws Exception {
        SSLContext context = SSLContext.getInstance("TLS");
        context.init(null, new TrustManager[] { new SkipX509TrustManager() }, new SecureRandom());
        return context.getSocketFactory();
    }

    private class SkipHostnameVerifier implements HostnameVerifier {

        @Override
        public boolean verify(String s, SSLSession sslSession) {
            return true;
        }

    }

    private static class SkipX509TrustManager implements X509TrustManager {

        @Override
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }

        @Override
        public void checkClientTrusted(X509Certificate[] chain, String authType) {
        }

        @Override
        public void checkServerTrusted(X509Certificate[] chain, String authType) {
        }
    }

}

注入RestTemplate类时,构造时将该工厂类加上。

java 复制代码
    @Bean
    public RestTemplate restTemplate() {
        SimpleClientHttpRequestFactory factory = new SkipHttpsRequestFactory();
        RestTemplate restTemplate = new RestTemplate(factory);
        return restTemplate;
    }

使用时将其注入

java 复制代码
@Resource
private RestTemplate restTemplate;

配置完毕之后,就可以直接调用了

java 复制代码
ResponseEntity<String> response = restTemplate.exchange(builder.build().encode().toUri(), HttpMethod.GET, entity, String.class);
相关推荐
Lhappy嘻嘻6 小时前
Java IO|File 文件操作 + 字节流 / 字符流完整笔记 + 递归删除文件实战
java·笔记·php
laoli_coding6 小时前
如何配置HTTPS站点访问的免费SSL域名证书
网络协议·https·node.js·ssl
科技道人6 小时前
记录 默认置灰/禁用 app ‘Search Engine Selector‘ 的disable按钮
开发语言·前端·javascript
伊玛目的门徒6 小时前
试用leetcode之典中典 二数之和问题
java·算法·leetcode
逝水无殇8 小时前
C# 异常处理详解
开发语言·后端·c#
懒鸟一枚9 小时前
深入理解 Linux 内存、Swap 交换分区与分页机制的关系
java·linux·数据库
玖玥拾10 小时前
C# 语言进阶(十五)C# 游戏服务端 MySQL 数据库
服务器·开发语言·网络·数据库·mysql·c#
铅笔侠_小龙虾10 小时前
Rust 学习目录
开发语言·学习·rust
我命由我1234511 小时前
执行 Gradle 指令报错,无法将“grep”项识别为 cmdlet、函数、脚本文件或可运行程序的名称
android·java·java-ee·android studio·android jetpack·android-studio·android runtime
考虑考虑11 小时前
Sentinel安装
java·后端·微服务