问题描述:
我试图连接一个带有SSL认证的WebService,比如地址:https://220.189.212.139/TestWebservice
但是,WebService服务器上是没有证书的,或者证书错误。我能不能忽略这个错误,使程序正常使用?
我连接WebService的方式是用AXIS生成的Stub的静态连接方法。在Google上也找了一些忽略验证的资料,不过都是针对自己创建的connection,比如:
// Create a trust manager that does not validate certificate chains like the default TrustManager
// This routine right is what Netscape and IE do when they receive a certificate that is not their
// KeyStore. The only difference is that this code does not ask you to accept it.
TrustManager[] trustAllCerts = new TrustManager[]{
new X509TrustManager() {public java.security.cert.X509Certificate[] getAcceptedIssuers() {return null;
}public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) { }public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) { }
}
};try {// Let us create the factory where we can set some parameters for the connection
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new java.security.SecureRandom());// Create the socket connection and open it to the secure remote web server
URL url = new URL(httpserver);
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();上面的例子大概的思想就是,创建自己的X509TrustManager类,来忽略所有的验证错误
请问,我在Stub静态连接WebService方式中,怎样忽略验证错误?说简单点,就是我不知道在什么地方添加忽略错误的代码,因为我看不到创建连接的地方。我初步的想法是在创建的org.apache.axis.client.Call对象上设置,是不是创建连接的部分都是在Call.invoke()方法中实现的?有这方面经验的人,指点下
我试图连接一个带有SSL认证的WebService,比如地址:https://220.189.212.139/TestWebservice
但是,WebService服务器上是没有证书的,或者证书错误。我能不能忽略这个错误,使程序正常使用?
我连接WebService的方式是用AXIS生成的Stub的静态连接方法。在Google上也找了一些忽略验证的资料,不过都是针对自己创建的connection,比如:
// Create a trust manager that does not validate certificate chains like the default TrustManager
// This routine right is what Netscape and IE do when they receive a certificate that is not their
// KeyStore. The only difference is that this code does not ask you to accept it.
TrustManager[] trustAllCerts = new TrustManager[]{
new X509TrustManager() {public java.security.cert.X509Certificate[] getAcceptedIssuers() {return null;
}public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) { }public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) { }
}
};try {// Let us create the factory where we can set some parameters for the connection
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new java.security.SecureRandom());// Create the socket connection and open it to the secure remote web server
URL url = new URL(httpserver);
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();上面的例子大概的思想就是,创建自己的X509TrustManager类,来忽略所有的验证错误
请问,我在Stub静态连接WebService方式中,怎样忽略验证错误?说简单点,就是我不知道在什么地方添加忽略错误的代码,因为我看不到创建连接的地方。我初步的想法是在创建的org.apache.axis.client.Call对象上设置,是不是创建连接的部分都是在Call.invoke()方法中实现的?有这方面经验的人,指点下
解决方案 »
免费领取超大流量手机卡,每月29元包185G流量+100分钟通话, 中国电信官方发货