是否有可能让 Java 忽略“信任存储"?并接受它获得的任何 SSL 证书? [英] Is it possible to get Java to ignore the "trust store" and just accept whatever SSL certificate it gets?
本文介绍了是否有可能让 Java 忽略“信任存储"?并接受它获得的任何 SSL 证书?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我正在尝试编写一个使用 javax.mail API 发送邮件的 SSL 客户端.我遇到的问题是服务器请求我使用 SSL,但服务器也配置了非标准 SSL 证书.我发现的网页说我需要将证书安装到信任库中.我不想这样做(我没有必要的权限.)
I am trying to write an SSL client that sends mail using the javax.mail API. The problem I am having is that the server request that I use SSL, but the server is also configured with a non-standard SSL certificate. The web pages I have found say that I need to install the certificate into the trust store. I don't want to do that (I don't have the necessary permissions.)
- 有没有办法让 Java 忽略证书错误并接受它?
- 如果做不到这一点,有没有办法让我的程序在本地使用信任库,而不是为整个 JVM 安装?
推荐答案
您需要创建一个接受所有证书的虚假 TrustManager,并将其注册为管理器.像这样:
You need to create a fake TrustManager that accepts all certificates, and register it as a manager. Something like this:
public class MyManager implements com.sun.net.ssl.X509TrustManager {
public boolean isClientTrusted(X509Certificate[] chain) { return true; }
public boolean isHostTrusted(X509Certificate[] chain) { return true; }
...
}
com.sun.net.ssl.TrustManager[] managers =
new com.sun.net.ssl.TrustManager[] {new MyManager()};
com.sun.net.ssl.SSLContext.getInstance("SSL").
.init(null, managers, new SecureRandom());
这篇关于是否有可能让 Java 忽略“信任存储"?并接受它获得的任何 SSL 证书?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文