以下代码可用于信任自签名证书。创建客户端时,必须使用TrustSelfSignedStrategy:
SSLContextBuilder builder = new SSLContextBuilder();builder.loadTrustMaterial(null, new TrustSelfSignedStrategy());SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory( builder.build());CloseableHttpClient httpclient = HttpClients.custom().setSSLSocketFactory( sslsf).build();HttpGet httpGet = new HttpGet("https://some-server");CloseableHttpResponse response = httpclient.execute(httpGet);try { System.out.println(response.getStatusLine()); HttpEntity entity = response.getEntity(); EntityUtils.consume(entity);} finally { response.close();}我没有
SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER故意包括:重点是允许使用自签名证书进行测试,因此您不必从证书颁发机构获取适当的证书。您可以轻松创建具有正确主机名的自签名证书,而不要添加
SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER标志。
