X509TrustManager覆盖而不允许所有证书?
[英]X509TrustManager Override without allowing ALL certs?
问题描述
我目前正在重写X509TrustManager以允许所有证书作为临时“解决方案”(此时不安全)。 我试图弄清楚我将如何添加,所以它只接受我遇到问题的特定证书,直到可以进行适当的修复(目前不在我的手中)。 这是当前的代码。
TrustManager[] trustAllCerts = new TrustManager[]{new X509TrustManager() {
@Override
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
@Override
public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) {
}
@Override
public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) {
}
}};
try {
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
} catch (GeneralSecurityException e) {
System.out.println(e.getStackTrace());
}
2 个解决方案
解决方案1
7 已采纳 2012-08-08 03:59:01
您需要做的就是从getAcceptedIssuers返回证书。 看到这个
InputStream inStream = new FileInputStream("fileName-of-cert");
CertificateFactory cf = CertificateFactory.getInstance("X.509");
X509Certificate cert = (X509Certificate)cf.generateCertificate(inStream);
inStream.close();
然后在方法中的数组中返回它
解决方案2
0 2012-08-08 04:06:15
一种可能性是将有问题的证书临时添加到JVM的密钥库中作为可信证书。
使用X509TrustManager:checkServerTrusted的自签名证书验证
[英]Self signed cert validation using X509TrustManager:checkServerTrusted
X509TrustManager checkServerTrusted with TLSv1.3
[英]X509TrustManager checkServerTrusted with TLSv1.3
在X509TrustManager中,方法“ getAcceptedIssuers”用于什么?
[英]In X509TrustManager, what are method “getAcceptedIssuers” used for?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
实现 X509TrustManager
X509TrustManager实现不可用htmlunit
没有X509TrustManager实现可用
如何测试X509TrustManager子类?
如何在X509TrustManager中启用OCSP?
在Java中还原SSL X509TrustManager
使用X509TrustManager:checkServerTrusted的自签名证书验证
X509TrustManager checkServerTrusted with TLSv1.3
默认 X509TrustManager 和通配符主机名验证?
在X509TrustManager中,方法“ getAcceptedIssuers”用于什么?
相关标签