我的作用是发送一条https消息,信任来自带有JVM(IcedTea6 1.11,Java版本1.6.0_24)的嵌入式Linux模块上的Java应用程序的所有证书(由于信息,我无法访问此嵌入式Linux或JVM进行任何更改,我只能将已编译的Java应用程序放在上面)。
我只有基本的Java知识,但我从网上的一些例子中写了一个信任所有证书的应用程序。一开始我在线上有一个错误
SSLContext sc=SSLContext.getInstance("SSL");
我发现问题是SunJSSE提供程序没有在JVM中实现。我的第一步是添加SunJSSE提供商
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
在这之后,如果我读出提供者,我可以看到添加成功了,现在我找到了提供者"SunJSSE 1.6版"。信任所有证书类别如下:
public final class TrustAllCertificates implements X509TrustManager, HostnameVerifier
{
public X509Certificate[] getAcceptedIssuers() {return null;}
public void checkClientTrusted(X509Certificate[] certs, String authType) {}
public void checkServerTrusted(X509Certificate[] certs, String authType) {}
public boolean verify(String hostname, SSLSession session) {return true;}
public static void install()
{
try
{
TrustAllCertificates trustAll = new TrustAllCertificates();
final SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, new TrustManager[]{trustAll}, new java.security.SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
HttpsURLConnection.setDefaultHostnameVerifier(trustAll);
}
catch (Exeption e)
{
JatLog.writeTempLog("Error: " + e.getMessage());
}
}
}
现在我总是收到错误
访问被拒绝(java.lang.RuntimePermission setFactory)
在执行线路时
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
有人知道如何解决这个问题吗?
看起来像是SecurityManager阻止了这一操作。尝试单个连接的设置:
SSLContext sc = SSLContext.getInstance("SSL");
TrustAllCertificates trustAll = new TrustAllCertificates();
sc.init(null, new TrustManager[] { trustAll }, new java.security.SecureRandom());
URL url = new URL("https://www.google.com/");
URLConnection urlConnection = url.openConnection();
if (urlConnection instanceof HttpsURLConnection) {
HttpsURLConnection uc = (HttpsURLConnection) urlConnection;
uc.setSSLSocketFactory(sc.getSocketFactory());
uc.setHostnameVerifier(trustAll);
uc.connect();
JatLog.writeTempLog("headers: "+uc.getHeaderFields());
uc.disconnect();
}
如果这对要求瑞典人更新安全管理器设置没有帮助;)
hth