Java跳过证书访问HTTPS

李奈 - Leemon2023-09-16 10:28

Java跳过证书访问HTTPS

文章目录

java直接发送请求访问https地址的时候,若没有导入证书,会出现各种问题,如307。

以下会以是否SpringBoot来解决这个问题,做法一致,都是绕过证书进行处理的。

一,非Spring方式

创建一个请求代理类,为所有的HTTPS请求访问前做一下操作

java 复制代码 
public class IgnoreHttpsProxyRequest {

	/**
	 * 通過HTTPS的url登錄
	 * @param urlStr 目標url
	 * @return	查詢結果
	 * @throws IOException
	 * @throws NoSuchAlgorithmException
	 * @throws KeyManagementException
	 */
	public String get(String urlStr, String token, String type) throws IOException, NoSuchAlgorithmException, KeyManagementException {
		//繞過https
		HttpsURLConnection.setDefaultHostnameVerifier(new IgnoreHttpsProxyRequest().new NullHostNameVerifier());
		SSLContext sslContext = SSLContext.getInstance("TLS");
		sslContext.init(null, trustManagers, new SecureRandom());
		HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory());
		//建立連接
		URL url = new URL(urlStr);
		HttpURLConnection connection = (HttpURLConnection) url.openConnection();
		connection.setRequestMethod(type);
		connection.setRequestProperty(HttpHeaders.AUTHORIZATION, "Bearer " + token);
		connection.connect();
		//獲取查詢結果
		InputStream inputStream = connection.getInputStream();
		if (inputStream == null) {
			return null;
		}
		BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream));
		StringBuilder sb = new StringBuilder();
		String tmp = null;
		while ((tmp = bufferedReader.readLine()) != null) {
			sb.append(tmp);
		}
		bufferedReader.close();
		inputStream.close();
		return sb.toString();

	}

	static TrustManager[] trustManagers = new TrustManager[] {
				new X509TrustManager() {
					@Override
					public void checkClientTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {

					}

					@Override
					public void checkServerTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {

					}

					@Override
					public X509Certificate[] getAcceptedIssuers() {
						return null;
					}
				}
		};

    public class NullHostNameVerifier implements HostnameVerifier {

		@Override
		public boolean verify(String s, SSLSession sslSession) {
			return true;
		}
	}

}

二,SpringBoot方式

先创建一个跳过证书验证,信任所有站点的请求客户端factory

java 复制代码 
package com.foxconn.dsc.matrix.api;

import org.springframework.http.client.SimpleClientHttpRequestFactory;

import javax.net.ssl.*;
import java.io.IOException;
import java.net.HttpURLConnection;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;

/**
 * @ClassName: SkipHttpsRequestFactory
 * @Description:
 * @author: lemon
 * @date: 2023/9/14 13:56
 */
public class SkipHttpsRequestFactory extends SimpleClientHttpRequestFactory {

    @Override
    protected void prepareConnection(HttpURLConnection connection, String httpMethod) throws IOException {
        if (connection instanceof HttpsURLConnection) {
            prepareHttpsConnection((HttpsURLConnection) connection);
        }
        super.prepareConnection(connection, httpMethod);
    }

    private void prepareHttpsConnection(HttpsURLConnection connection) {
        connection.setHostnameVerifier(new SkipHostnameVerifier());
        try {
            connection.setSSLSocketFactory(createSslSocketFactory());
        } catch (Exception ex) {
            // Ignore
        }
    }

    private SSLSocketFactory createSslSocketFactory() throws Exception {
        SSLContext context = SSLContext.getInstance("TLS");
        context.init(null, new TrustManager[] { new SkipX509TrustManager() }, new SecureRandom());
        return context.getSocketFactory();
    }

    private class SkipHostnameVerifier implements HostnameVerifier {

        @Override
        public boolean verify(String s, SSLSession sslSession) {
            return true;
        }

    }

    private static class SkipX509TrustManager implements X509TrustManager {

        @Override
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }

        @Override
        public void checkClientTrusted(X509Certificate[] chain, String authType) {
        }

        @Override
        public void checkServerTrusted(X509Certificate[] chain, String authType) {
        }
    }

}

注入RestTemplate类时,构造时将该工厂类加上。

java 复制代码 
    @Bean
    public RestTemplate restTemplate() {
        SimpleClientHttpRequestFactory factory = new SkipHttpsRequestFactory();
        RestTemplate restTemplate = new RestTemplate(factory);
        return restTemplate;
    }

使用时将其注入

java 复制代码 
@Resource
private RestTemplate restTemplate;

配置完毕之后,就可以直接调用了

java 复制代码 
ResponseEntity<String> response = restTemplate.exchange(builder.build().encode().toUri(), HttpMethod.GET, entity, String.class);
相关推荐
卷毛的技术笔记37 分钟前
告别硬编码!Spring AI Alibaba 实现 AI Agent 智能工具调用(Tool Calling)
java·人工智能·后端·python·spring·ai编程
编程大师哥37 分钟前
匿名函数 lambda + 高阶函数
java·python·算法
isyangli_blog39 分钟前
OpenDayLight (Carbon 版本) 启动与组件安装
开发语言·php
vb2008111 小时前
FastAPI APIRouter
开发语言·python
Benszen1 小时前
KVM虚拟化解决方案
开发语言·perl
会编程的土豆1 小时前
Go 语言反射(Reflection)详解
开发语言·后端·golang
東雪木1 小时前
多线程与并发编程 专属复习笔记
java·开发语言·笔记·java面试
adrninistrat0r1 小时前
Java调用链MCP分析工具
java·python·ai编程
杨充1 小时前
1.3 浮点型数据设计灵魂
开发语言·python·算法
噜噜噜阿鲁~1 小时前
python学习笔记 | 11.3、面向对象高级编程-多重继承
java·开发语言
热门推荐
01GitHub 镜像站点02【AI】2026 年具身智能模型和世界模型总结03【踩坑记录 | 第一篇】微软商店无法使用时,如何手动安装 OpenAI Codex?附`.msix`文件系统错误解决方法042026 年 AI 编程工具终极横评:Cursor vs Claude Code vs Copilot vs Windsurf05CC-Switch & Claude 基于 Linux 服务器安装使用指南06Codex 接入 DeepSeek API 完整配置文档07裂开!ChatGPT 居然开始要手机号验证,附详细解决方法08DeepSeek V4 + Claude Code thinking mode 400 错误修复方案09Codex 下载安装指南:Windows 和 macOS 官方版下载10几个好用的ip纯净度检测网站