zoukankan      html  css  js  c++  java
  • Ignoring HTTPS certificates

    Our Development setups won't have valid or trusted certificates. When do you want test our webserver code over HTTPS, we need to handle these certificates with special code.

    The common approach is to import these HTTPS certificates into JDK cacerts or override the trust store:
    In Java:

    System.setProperty("javax.net.ssl.trustStore","clientTrustStore.key");
    System.setProperty("javax.net.ssl.trustStorePassword","qwerty");

    If you are working with many such systems or test setups in LAN or internet, it is time taking to import these certificates in our trust stores. So we can allow a setting in our code to ignore these certificates with below code snippets.

    HostnameVerifier hostNameVerifier = new HostnameVerifier()
    {
     
        public boolean verify(String s, SSLSession sslSession)
        {
            return true;
        }
    };
    HttpsURLConnection.setDefaultHostnameVerifier(hostNameVerifier);
     
    TrustManager[] trustAllCerts = new TrustManager[]{
            new X509TrustManager()
            {
                public java.security.cert.X509Certificate[] getAcceptedIssuers()
                {
                    return null;
                }
     
                public void checkClientTrusted(X509Certificate[] certs, String authType)
                {
                }
     
                public void checkServerTrusted(X509Certificate[] certs, String authType)
                {
                }
            }
    };
     
    // Install the all-trusting trust manager
    try {
        SSLContext sc = SSLContext.getInstance("SSL");
        sc.init(null, trustAllCerts, new java.security.SecureRandom());
        HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
        logger.fine("Socket factory initialized");
        System.out.println("Ignoring server certificates");
    } catch (Exception e) {
        logger.log(Level.SEVERE, "Failed initializing socket factory to ignore certificates.", e);
    }

    In Java using Apache Commons HTTP Util: 

     Protocol easyhttps = new Protocol("https", (ProtocolSocketFactory) new EasySSLProtocolSocketFactory(), 443);
            Protocol.registerProtocol("https", easyhttps);

    In PHP using PHP CURL: 

    //open connection
    $ch = curl_init();
    curl_setopt($ch,CURLOPT_URL,$url);
     
    // ignore certs
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 1);
  • 相关阅读:
    DELL、HP、IBM X86服务器命名规则
    容灾,热备,集群等区别
    HDS(日立)AMS2000系列存储管理配置方法
    KBMMW 4.90.00 发布
    delphi 10 seattle 安卓服务开发(三)
    delphi 10 seattle 安卓服务开发(二)
    delphi 10 seattle 中 解决IOS 9 限制使用HTTP 服务问题
    Android 中的 Service 全面总结(转载)
    KBMMW 4.84.00 发布
    delphi 10 seattle 安卓服务开发(一)
  • 原文地址:https://www.cnblogs.com/fengjian/p/3534410.html
Copyright © 2011-2022 走看看