程式扎記: [ Java 常見問題 ] Ignoring SSL certificate in Apache HttpClient 4.3

標籤

2015年3月10日 星期二

[ Java 常見問題 ] Ignoring SSL certificate in Apache HttpClient 4.3

Source From Here
Preface
How to ignore SSL certificate (trust all) for Apache HttpClient 4.3? All the answers that I have found are previous versions, and the API changed. Related:

How-To
The code below works for trusting self-signed certificates. You have to use the TrustSelfSignedStrategy when creating your client:
  1. SSLContextBuilder builder = new SSLContextBuilder();  
  2. builder.loadTrustMaterial(nullnew TrustSelfSignedStrategy());  
  3. SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(  
  4.         builder.build());  
  5. CloseableHttpClient httpclient = HttpClients.custom().setSSLSocketFactory(  
  6.         sslsf).build();  
  7.   
  8. HttpGet httpGet = new HttpGet("https://some-server");  
  9. CloseableHttpResponse response = httpclient.execute(httpGet);  
  10. try {  
  11.     System.out.println(response.getStatusLine());  
  12.     HttpEntity entity = response.getEntity();  
  13.     EntityUtils.consume(entity);  
  14. }  
  15. finally {  
  16.     response.close();  
  17. }  
I did not include the SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER on purpose: The point was to allow testing with self signed certificates and not having to acquire a proper certificate from a certification authority. You can easily create a self-signed certificate with the correct host name, so do that instead of adding the SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER flag.

Below is an example of accessing "HttpComponents Downloads" page:
  1. package test;  
  2.   
  3. import org.apache.http.HttpEntity;  
  4. import org.apache.http.client.methods.CloseableHttpResponse;  
  5. import org.apache.http.client.methods.HttpGet;  
  6. import org.apache.http.conn.ssl.SSLConnectionSocketFactory;  
  7. import org.apache.http.conn.ssl.TrustSelfSignedStrategy;  
  8. import org.apache.http.impl.client.CloseableHttpClient;  
  9. import org.apache.http.impl.client.HttpClients;  
  10. import org.apache.http.ssl.SSLContextBuilder;  
  11. import org.apache.http.util.EntityUtils;  
  12.   
  13. public class HttpsGetEx {  
  14.     public static void main(String[] args) throws Exception   
  15.     {  
  16.         SSLContextBuilder builder = new SSLContextBuilder();    
  17.         builder.loadTrustMaterial(nullnew TrustSelfSignedStrategy());    
  18.         SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(    
  19.                 builder.build());    
  20.         CloseableHttpClient httpclient = HttpClients.custom().setSSLSocketFactory(    
  21.                 sslsf).build();    
  22.             
  23.         HttpGet httpGet = new HttpGet("https://hc.apache.org/downloads.cgi");    
  24.         CloseableHttpResponse response = httpclient.execute(httpGet);    
  25.         try {    
  26.             System.out.println(response.getStatusLine());    
  27.             HttpEntity entity = response.getEntity();    
  28.             System.out.printf("\t[Info] Page Content:\n%s\n", EntityUtils.toString(entity));  
  29.         }    
  30.         finally {    
  31.             response.close();    
  32.         }  
  33.     }  
  34. }  

沒有留言:

張貼留言

網誌存檔