exp*_*ert 3 ssl apache-commons-httpclient
如何在新的Apache Http Client 4.3中创建SSL套接字工厂?
这是我在4.3之前创建它的方式
val ts = new TrustStrategy() {
def isTrusted(chain: Array[X509Certificate], authType: String): Boolean = true
}
new SSLSocketFactory(ts, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER)
现在SSLSocketFactory标记为已弃用.定义自定义的新方法是TrustStrategy什么?我无法理解.
好吧,我明白了.
初始化你ConnectionSocketFactory喜欢这个
val sslContext = SSLContexts.custom().loadTrustMaterial(null, new TrustSelfSignedStrategy).useTLS().build()
new SSLConnectionSocketFactory(sslContext, new AllowAllHostnameVerifier())
如果你看看TrustSelfSignedStrategy他们将自签名证书与真实证书区分开来的方式来源是检查链的长度.
public boolean isTrusted(
final X509Certificate[] chain, final String authType) throws CertificateException {
return chain.length == 1;
}
我不确定它是非常可靠的方式,但请记住它.也许这是值得一试定X509Certificate在isTrusted.