创建一个不验证证书链
TrustManager[] trustAllCerts = new TrustManager[]{
new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkClientTrusted(
java.security.cert.X509Certificate[] certs, String authType) {
}
public void checkServerTrusted(
java.security.cert.X509Certificate[] certs, String authType) {
}
}
};
信任管理器安装所有信任信任管理器
try {
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
} catch (Exception e) {
}
现在访问HTTPS URL
try {
URL url = new URL("https://www.sandbox.freelancer.com");
HttpsURLConnection conn = (HttpsURLConnection)url.openConnection();
BufferedReader br =
new BufferedReader(new InputStreamReader(conn.getInputStream()));
} catch (MalformedURLException e) {
}
为什么不创建只信任该特定证书的信任管理器,并对所有其他证书进行默认检查? – 2011-01-06 00:11:26
@GregS是的,这可能已经完成了,但我认为这不会解决问题,如果证书有一个不受信任的根证书颁发机构链。 – 2011-01-06 16:41:37