忽略Servlet中的SSL证书 [英] Ignore SSL Certificate in a Servlet
本文介绍了忽略Servlet中的SSL证书的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我收到以下异常:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
我做了一些研究并更改了我的连接代码:
I did some research and changed my connection code this:
SSLContext sslContext = new SSLContextBuilder().loadTrustMaterial(null, new TrustStrategy() {
public boolean isTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {
return true;
}
}).build();
CloseableHttpClient client = HttpClients.custom()
.setRedirectStrategy(new LaxRedirectStrategy())
.setSslcontext(sslContext)
.setConnectionManager(connMgr)
.build();
这解决了到目前为止的问题,我不再获得异常并且连接正常。
This fixed the problem so far, I am no longer getting the exception and the connection works.
当我在Tomcat中运行的Servlet中使用相同的代码时,问题又出现了。
The problem arises again when I use the same code in a Servlet running in Tomcat.
为什么?
推荐答案
请尝试以下代码。
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.X509TrustManager;
public class DummyX509TrustManager implements X509TrustManager {
@Override
public X509Certificate[] getAcceptedIssuers() {
return null;
}
@Override
public void checkServerTrusted(X509Certificate[] paramArrayOfX509Certificate, String paramString)
throws CertificateException {
}
@Override
public void checkClientTrusted(X509Certificate[] paramArrayOfX509Certificate, String paramString)
throws CertificateException {
}
};
final TrustManager[] trustAllCerts = new TrustManager[] { new DummyX509TrustManager() };
try {
SSLContext sslContext= SSLContext.getInstance("SSL");
sslContext.init(null, trustAllCerts, null);
CloseableHttpClient client = HttpClients.custom()
.setRedirectStrategy(new LaxRedirectStrategy())
.setSslcontext(sslContext)
.setConnectionManager(connMgr)
.build();
} catch (KeyManagementException e) {
throw new IOException(e.getMessage());
} catch (NoSuchAlgorithmException e) {
throw new IOException(e.getMessage());
}
这篇关于忽略Servlet中的SSL证书的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文