java SSL检查绕过SSLSocketFactory

1 年，4 月 Questions & Answers 1923

我正在尝试绕过对我的连接的SSL检查——SSLSocketFactory SSLSocketFactory=（SSLSocketFactory）SSLSocketFactory。getDefault（）

到目前为止，我看到的所有示例（比如Trusting all certificates using HttpClient over HTTPS）都是针对HTTPClient的。有人能为SSLSocketFactory提供一些帮助吗？我正在尝试与我的安全服务器建立SSL连接

谢谢

# 1 楼答案

我不会使用“SSLSocketFactory SSLSocketFactory=（SSLSocketFactory）SSLSocketFactory.getDefault（）；”在我的示例中，您可以看到如何获得不检查任何证书的sslSocket。但我不能建议这样做

import java.net.Socket;
import java.security.cert.X509Certificate;

import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509ExtendedTrustManager;

class AnyTrust extends X509ExtendedTrustManager {
    static final X509Certificate[] ANY_CA = {};
    @Override public X509Certificate[] getAcceptedIssuers() { return ANY_CA; }
    @Override public void checkServerTrusted(final X509Certificate[] c, final String t)  {}
    @Override public void checkClientTrusted(final X509Certificate[] c, final String t)  { }
    @Override public void checkServerTrusted(final X509Certificate[] c, final String t, final SSLEngine e)  { }
    @Override public void checkServerTrusted(final X509Certificate[] c, final String t, final Socket    e)  { }
    @Override public void checkClientTrusted(final X509Certificate[] c, final String t, final SSLEngine e)  { }
    @Override public void checkClientTrusted(final X509Certificate[] c, final String t, final Socket    e)  { }
}

public class S1 {
    public static final void main(final String [] argc) throws Throwable {
        final SSLContext sslContext = SSLContext.getInstance("TLS");
        sslContext.init(null, new TrustManager[]{new AnyTrust()}, null);
        final SSLSocketFactory sslsocketFactory = sslContext.getSocketFactory();
    }
}

Python中文网

有 Java 编程相关的问题?

java SSL检查绕过SSLSocketFactory

共 (1) 个答案

# 1 楼答案