X509TrustManager覆蓋而不允許所有證書?
[英]X509TrustManager Override without allowing ALL certs?
問題描述
我目前正在重寫X509TrustManager以允許所有證書作為臨時“解決方案”(此時不安全)。 我試圖弄清楚我將如何添加,所以它只接受我遇到問題的特定證書,直到可以進行適當的修復(目前不在我的手中)。 這是當前的代碼。
TrustManager[] trustAllCerts = new TrustManager[]{new X509TrustManager() {
@Override
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
@Override
public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) {
}
@Override
public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) {
}
}};
try {
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
} catch (GeneralSecurityException e) {
System.out.println(e.getStackTrace());
}
2 個解決方案
解決方案1
7 已采納 2012-08-08 03:59:01
您需要做的就是從getAcceptedIssuers返回證書。 看到這個
InputStream inStream = new FileInputStream("fileName-of-cert");
CertificateFactory cf = CertificateFactory.getInstance("X.509");
X509Certificate cert = (X509Certificate)cf.generateCertificate(inStream);
inStream.close();
然后在方法中的數組中返回它
解決方案2
0 2012-08-08 04:06:15
一種可能性是將有問題的證書臨時添加到JVM的密鑰庫中作為可信證書。
使用X509TrustManager:checkServerTrusted的自簽名證書驗證
[英]Self signed cert validation using X509TrustManager:checkServerTrusted
X509TrustManager checkServerTrusted with TLSv1.3
[英]X509TrustManager checkServerTrusted with TLSv1.3
在X509TrustManager中,方法“ getAcceptedIssuers”用於什么?
[英]In X509TrustManager, what are method “getAcceptedIssuers” used for?
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.
相關問題
實現 X509TrustManager
X509TrustManager實現不可用htmlunit
沒有X509TrustManager實現可用
如何測試X509TrustManager子類?
如何在X509TrustManager中啟用OCSP?
在Java中還原SSL X509TrustManager
使用X509TrustManager:checkServerTrusted的自簽名證書驗證
X509TrustManager checkServerTrusted with TLSv1.3
默認 X509TrustManager 和通配符主機名驗證?
在X509TrustManager中,方法“ getAcceptedIssuers”用於什么?
相關標簽