我正在尝试创建一些样例Java项目,以连接到一个自签名的HTTPS服务器。我似乎无法让Java停止尝试验证证书。我不想信任这个证书,我只想完全忽略所有证书验证;这个服务器在我的网络内部,我想能够运行一些测试应用程序,而不必担心证书是否有效。
java -Dcom.sun.net.ssl.checkRevocation=false HelloWorld
org.apache.axis2.AxisFault: Connection has been shutdown: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
-Dcom.sun.net.ssl.checkRevocation=false无效。我还尝试添加以下代码:
public static void DisableCertificateValidation() {
TrustManager[] trustAllCerts = new TrustManager[]{
new X509TrustManager() {
public X509Certificate[] getAcceptedIssuers() { return null; }
public void checkClientTrusted(X509Certificate[] certs, String authType) { }
public void checkServerTrusted(X509Certificate[] certs, String authType) { }
}
};
try {
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
} catch (Exception e) {
}
}
但仍然存在相同的问题。这是怎么回事?