Java SSL:如何禁用主机名验证 [英] Java SSL: how to disable hostname verification
问题描述
标准java SSL套接字是否有办法禁用与属性的ssl连接的主机名验证?我到目前为止找到的唯一方法是编写一个主机名验证程序,它始终返回true。
Is there a way for the standard java SSL sockets to disable hostname verfication for ssl connections with a property? The only way I found until now, is to write a hostname verifier which returns true all the time.
Weblogic提供了这种可能性,可以使用以下属性禁用主机名验证:
Weblogic provides this possibility, it is possible to disable the hostname verification with the following property:
-Dweblogic .security.SSL.ignoreHostnameVerify
-Dweblogic.security.SSL.ignoreHostnameVerify
推荐答案
应该可以创建自定义 java代理覆盖默认 HostnameVerifier
:
It should be possible to create custom java agent that overrides default HostnameVerifier
:
import javax.net.ssl.*;
import java.lang.instrument.Instrumentation;
public class LenientHostnameVerifierAgent {
public static void premain(String args, Instrumentation inst) {
HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
public boolean verify(String s, SSLSession sslSession) {
return true;
}
});
}
}
然后只需添加 -javaagent :LenientHostnameVerifierAgent.jar
编程的java启动参数。
Then just add -javaagent:LenientHostnameVerifierAgent.jar
to program's java startup arguments.
这篇关于Java SSL:如何禁用主机名验证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!