版權聲明:本文為部落客chszs的原創文章,未經部落客允許不得轉載。 https://blog.csdn.net/chszs/article/details/8206607
作者:chszs,轉載需注明。
作者部落格首頁:http://blog.csdn.net/chszs
在我們的開發環境中,我們為應用程式配置了自簽名的SSL證書,很顯然,我們不會為開發伺服器花證書的錢。是以,我們就面臨着“如何調用帶不可信SSL證書的REST Web服務”這樣的問題。
我使用Jersey REST用戶端調用REST Web服務,代碼示意如下:
作者chszs,轉載需注明。部落格首頁:http://blog.csdn.net/chszs
TrustManager[] trustAllCerts = new TrustManager[] {
new X509TrustManager() {
public X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkClientTrusted(X509Certificate[] certs, String authType) {}
public void checkServerTrusted(X509Certificate[] certs, String authType) {}
}
};
SSLContext context = SSLContext.getInstance("TLS");
context.init(null, trustAllCerts, new SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory());
ClientConfig config = new DefaultClientConfig();
config.getProperties().put(
HTTPSProperties.PROPERTY_HTTPS_PROPERTIES,
new HTTPSProperties(new HostnameVerifier() {
@Override
public boolean verify(String s, SSLSession sslSession) {
return true;
}
},
context)
);
Client client = Client.create(config);
client.setFollowRedirects(true);
WebResource resource = client.resource("https://myserver/myws");
resource.accept(MediaType.APPLICATION_JSON_TYPE);
String result = resource.post(String.class); ![vulnhub DC-4靶機實戰0X01 環境部署[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)