Axis1.X 繞過證書驗證
阿新 • • 發佈:2018-11-06
參考文章:http://www.cnblogs.com/zhukunrong/p/3791409.html?utm_source=tuicool&utm_medium=referral
我的問題是由於伺服器網站升級協議到TLSv1.2。
PS:JDK1.6不支援TLSv1.2,網上有說可以通過第三方包支援,但是這種方式很難與Axis整合。
所以我只能升級到JDK1.7
另外,我們的老古董程式使用的是Axis1.4框架。
import java.io.IOException;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Hashtable;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.apache.axis.components.net.JSSESocketFactory;
public class MyTLSSocketSecureFactory extends JSSESocketFactory {
public MyTLSSocketSecureFactory(Hashtable attributes) {
super(attributes);
// TODO Auto-generated constructor stub
}
// Create a trust manager that does not validate certificate chains
TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
@Override
public X509Certificate[] getAcceptedIssuers() {
// TODO Auto-generated method stub
return null;
}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType)
throws CertificateException {
// TODO Auto-generated method stub
}
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType)
throws CertificateException {
// TODO Auto-generated method stub
}
} };
@Override
public void initFactory() throws IOException {
SSLContext context;
try {
context = SSLContext.getInstance("TLSv1.2");
context.init(null, trustAllCerts, new java.security.SecureRandom());
sslFactory = context.getSocketFactory();
} catch (NoSuchAlgorithmException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (KeyManagementException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}
在呼叫WebService前使用:
AxisProperties.setProperty("axis.socketSecureFactory", MyTLSSocketSecureFactory.class.getName());
我的問題是由於伺服器網站升級協議到TLSv1.2。
PS:JDK1.6不支援TLSv1.2,網上有說可以通過第三方包支援,但是這種方式很難與Axis整合。
所以我只能升級到JDK1.7
另外,我們的老古董程式使用的是Axis1.4框架。
import java.io.IOException;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Hashtable;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.apache.axis.components.net.JSSESocketFactory;
public class MyTLSSocketSecureFactory extends JSSESocketFactory {
public MyTLSSocketSecureFactory(Hashtable attributes) {
super(attributes);
// TODO Auto-generated constructor stub
}
// Create a trust manager that does not validate certificate chains
TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
@Override
public X509Certificate[] getAcceptedIssuers() {
// TODO Auto-generated method stub
return null;
}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType)
throws CertificateException {
// TODO Auto-generated method stub
}
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType)
throws CertificateException {
// TODO Auto-generated method stub
}
} };
@Override
public void initFactory() throws IOException {
SSLContext context;
try {
context = SSLContext.getInstance("TLSv1.2");
context.init(null, trustAllCerts, new java.security.SecureRandom());
sslFactory = context.getSocketFactory();
} catch (NoSuchAlgorithmException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (KeyManagementException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}
在呼叫WebService前使用:
AxisProperties.setProperty("axis.socketSecureFactory", MyTLSSocketSecureFactory.class.getName());