我知道,关于这个问题有很多不同的问题和很多答案...但我无法理解......
我有:ubuntu-9.10-desktop-amd64 + NetBeans6.7.1从"关闭"安装.代表.我需要通过HTTPS连接到某个站点.为此我使用Apache的HttpClient.
从教程我读到:
"一旦正确安装了JSSE,通过SSL进行安全的HTTP通信
就像普通的HTTP通信一样简单." 还有一些例子:
HttpClient httpclient = new HttpClient();
GetMethod httpget = new GetMethod("https://www.verisign.com/");
try {
httpclient.executeMethod(httpget);
System.out.println(httpget.getStatusLine());
} finally {
httpget.releaseConnection();
}
到现在为止,我写道:
HttpClient client = new HttpClient();
HttpMethod get = new GetMethod("https://mms.nw.ru");
//get.setDoAuthentication(true);
try {
int status = client.executeMethod(get);
System.out.println(status);
BufferedInputStream is = new BufferedInputStream(get.getResponseBodyAsStream());
int r=0;byte[] buf = new byte[10];
while((r = is.read(buf)) > 0) {
System.out.write(buf,0,r);
}
} catch(Exception ex) {
ex.printStackTrace();
}
结果我有一组错误:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable …如何使用Apache HttpClient 4.0 绕过无效的SSL证书错误?
如何忽略Apache HttpClient 4.3的 SSL证书(全部信任)?
我在SO上找到的所有答案都会处理以前的版本,并且API已更改.
有关:
编辑:
Apache Http客户端.您可以在此处查看相关代码:
String url = "https://path/to/url/service";
HttpClient client = new HttpClient();
PostMethod method = new PostMethod(url);
// Test whether to ignore cert errors
if (ignoreCertErrors){
TrustManager[] trustAllCerts = new TrustManager[]{
new X509TrustManager(){
public X509Certificate[] getAcceptedIssuers(){ return null; }
public void checkClientTrusted(X509Certificate[] certs, String authType) {}
public void checkServerTrusted(X509Certificate[] certs, String authType) {}
}
};
try {
SSLContext sslContext = SSLContext.getInstance("SSL");
sslContext.init(null, trustAllCerts, new SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory());
} catch (Exception e){
e.printStackTrace();
}
}
try {
// Execute the method …我需要抓取已过期/自签名证书的公司内部网站.没有人会为该主机配置有效的证书,所以我必须使用不安全的连接.
curl--insecure为此目的有旗帜,
Scala finagle库有.tlsWithoutValidation()模式.
问题:Kotlin库有类似的选择吗?
UPD:到目前为止,我正在使用Fuel和这里发现的大量解决方法,但仍在寻找更好的方法..
fun useInsecureSSL() {
// Create a trust manager that does not validate certificate chains
val trustAllCerts = arrayOf<TrustManager>(object : X509TrustManager {
override fun getAcceptedIssuers(): Array<X509Certificate>? = null
override fun checkClientTrusted(chain: Array<X509Certificate>, authType: String) = Unit
override fun checkServerTrusted(chain: Array<X509Certificate>, authType: String) = Unit
})
val sc = SSLContext.getInstance("SSL")
sc.init(null, trustAllCerts, java.security.SecureRandom())
HttpsURLConnection.setDefaultSSLSocketFactory(sc.socketFactory)
// Create all-trusting host name verifier
val allHostsValid = HostnameVerifier …