Disabling Certificate Validation in an HTTPS Connection

最新推荐文章于 2022-01-11 13:04:00 发布

iteye_3662

最新推荐文章于 2022-01-11 13:04:00 发布

阅读量140

点赞数

CC 4.0 BY-SA版权

分类专栏： java 文章标签： java

本文链接：https://blog.youkuaiyun.com/iteye_3662/article/details/82231704

java 专栏收录该内容

34 篇文章

订阅专栏

final static HostnameVerifier DO_NOT_VERIFY = new HostnameVerifier() {
	public boolean verify(String hostname, SSLSession session) {
		return true;
	}
};

//Trust every server - dont check for any certificate 
private static void trustAllHosts() {
	// Create a trust manager that does not validate certificate chains
	TrustManager[] trustAllCerts = new TrustManager[] {
		new X509TrustManager() {
			public java.security.cert.X509Certificate[] getAcceptedIssuers() {
				return new java.security.cert.X509Certificate[] {};
			}
			public void checkClientTrusted(X509Certificate[] chain, String authType) {
			}
			public void checkServerTrusted(X509Certificate[] chain, String authType) {
			}
		}
	};
	// Install the all-trusting trust manager
	try {
		SSLContext sc = SSLContext.getInstance("TLS");
		sc.init(null, trustAllCerts, new java.security.SecureRandom());
		HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
	} catch (Exception e) {
		e.printStackTrace();
	}
}

URL url = new URL(effectiveUrl);
if (url.getProtocol().toLowerCase().equals("https")) {
	trustAllHosts();
	HttpsURLConnection https = (HttpsURLConnection) url.openConnection();
	https.setHostnameVerifier(DO_NOT_VERIFY);
	connection = https;
} else {
	connection = (HttpURLConnection) url.openConnection();

URL url = new URL("http://haat.cn/DAQgE"); 
URLConnection conn = url.openConnection();
((HttpURLConnection) conn).setInstanceFollowRedirects(false);//Location header  302
String val = conn.getHeaderField("Location");
System.out.println(val);