Spring Boot 2.5,Java 15 Java HttpClient或Apache HttpClient,检查目标证书的CN
是否可以提交一个String
值来检查(如果它等于)目标证书的CN
(String
值)
我用
HttpRequest request = HttpRequest.newBuilder()
.POST(HttpRequest.BodyPublishers.ofString(body))
.uri(URI.create("https://<ip-address>/..."))
.timeout(Duration.ofMillis(1000))
.build();
HttpResponse<String> response;
try {
response = HttpClient.newBuilder()
.version(Version.HTTP_1_1)
.authenticator(this.authenticator)
.build()
.send(request, HttpResponse.BodyHandlers.ofString());
} catch (InterruptedException iex) {
} catch (IOException ioex) {
}
或者,如果无法提交,可能可以定义或设置一个方法,从目标证书读取CN,并对照另一个字符串值检查该值
具有HttpsURLConnection
的一种解决方案是:
HostnameVerifier myHostnameVerifier = new HostnameVerifier() {
public boolean verify(String hostname, SSLSession session) {
// check what ever, example CN from certificat
Certificate[] peerCertificates = session.getPeerCertificates();
Certificate peerCertificate = peerCertificates[0];
...
return <true> or <false>;
}
}
HttpsURLConnection con = (HttpsURLConnection)url.openConnection();
con.setHostnameVerifier(myHostnameVerifier);
使用HttpsURLConnection
意味着使用OutputStream
和InputStream
,这是一种老式风格
JavaHttpClient
或Apache HttpClient也可以这样做吗?
我必须并行运行许多连接
共 (0) 个答案