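Today I was working with a merchant's technical staff on a problem with HttpClient requests over HTTPS. Their side kept reporting "javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated", and no matter how I debugged it, nothing worked. In the end I discovered, to my dismay, that they were using JDK 7 (I use JDK 6 locally). It turns out that JDK 7 has changed the default Java security settings to disable the MD2 algorithm for signing SSL certificates. The solution is: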
MD2 can be re-enabled by editing JDK_HOME/jre/lib/security/java.security and commenting out the following line, that is, changing
jdk.certpath.disabledAlgorithms=MD2
to
#jdk.certpath.disabledAlgorithms=MD2
Windows path to the config file: C:\Program Files (x86)\Java\jre7\lib\security
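To see whether a given java.security file or running JVM still rejects MD2-signed certificates, the property can be read back and checked. The following is an added example, not code from the original post; the class name Md2PolicyCheck and the sample file contents are constructed for illustration:

```java
import java.io.IOException;
import java.io.StringReader;
import java.security.Security;
import java.util.Properties;

public class Md2PolicyCheck {
    static final String KEY = "jdk.certpath.disabledAlgorithms";

    // True when the property value lists MD2 among the disabled algorithms.
    // null means the line is missing or commented out: nothing is disabled.
    static boolean md2Disabled(String value) {
        if (value == null) {
            return false;
        }
        for (String entry : value.split(",")) {
            // An entry may carry a constraint ("RSA keySize < 1024");
            // only its first token is the algorithm name.
            if (entry.trim().split("\\s+")[0].equalsIgnoreCase("MD2")) {
                return true;
            }
        }
        return false;
    }

    // Parses java.security text with java.util.Properties, so '#' comments
    // and backslash line continuations are handled.
    static boolean md2DisabledInText(String text) throws IOException {
        Properties props = new Properties();
        props.load(new StringReader(text));
        return md2Disabled(props.getProperty(KEY));
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample file contents, not taken from a real installation.
        String stock = KEY + "=MD2\n";
        String edited = "#" + KEY + "=MD2\n";
        String multiLine = KEY + "=RSA keySize < 1024, \\\n    MD2\n";

        System.out.println("stock file:  " + md2DisabledInText(stock));
        System.out.println("edited file: " + md2DisabledInText(edited));
        System.out.println("multi-line:  " + md2DisabledInText(multiLine));
        // Effective setting of the JVM running this check.
        System.out.println("this JVM:    " + md2Disabled(Security.getProperty(KEY)));
    }
}
```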
Appendix: to make HTTPS requests from httputil, the following code needs to be added:
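import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.apache.http.client.HttpClient;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.scheme.SchemeRegistry;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager;
import org.apache.http.params.CoreConnectionPNames;

public class HttpClient4Util {
    private HttpClient httpclient;

    // Returns a client whose HTTPS connections skip both certificate chain
    // validation and hostname verification.
    public static HttpClient wrapClient(HttpClient base) {
        try {
            SSLContext ctx = SSLContext.getInstance("TLS");
            // Trust manager that accepts every certificate chain unchecked.
            X509TrustManager tm = new X509TrustManager() {
                public X509Certificate[] getAcceptedIssuers() {
                    // The interface contract requires a non-null array.
                    return new X509Certificate[0];
                }

                public void checkClientTrusted(X509Certificate[] arg0,
                        String arg1) throws CertificateException {
                }

                public void checkServerTrusted(X509Certificate[] arg0,
                        String arg1) throws CertificateException {
                }
            };
            ctx.init(null, new TrustManager[] { tm }, null);
            // ALLOW_ALL_HOSTNAME_VERIFIER: the certificate name is not
            // compared with the host being contacted.
            SSLSocketFactory ssf = new SSLSocketFactory(ctx,
                    SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
            SchemeRegistry registry = new SchemeRegistry();
            registry.register(new Scheme("https", 443, ssf));
            ThreadSafeClientConnManager mgr = new ThreadSafeClientConnManager(
                    registry);
            return new DefaultHttpClient(mgr, base.getParams());
        } catch (Exception ex) {
            // Fail here instead of returning null, which would cause a
            // NullPointerException in the constructor below.
            throw new IllegalStateException("Could not set up HTTPS client", ex);
        }
    }

    public HttpClient4Util(int timeout, boolean ssl) {
        httpclient = new DefaultHttpClient();
        if (ssl) {
            httpclient = wrapClient(httpclient);
        }
        // The socket read timeout applies to both the plain and the SSL client.
        httpclient.getParams().setParameter(
                CoreConnectionPNames.SO_TIMEOUT, timeout);
    }
}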