TOC

Comment ignorer la vérification de certificat dans un client de service Web Java

Dans l’environnement de développement des services Web Java, les développeurs génèrent toujours un certificat de test à l’aide de keytool . Lors des tests client, le client de test de service Web rencontre souvent les messages d’erreur suivants:

  1. lien://services web/jax-ws/hôte-java-security-cert-certificateexception-no-name-matching-local-found/[java.security.cert.CertificateException:

Aucun nom correspondant à l’hôte local trouvé]. link://services Web/jax-ws/suncertpathbuilderexception-impossible-à-trouver-valide-certification-chemin-à-cible-demandée/[SunCertPathBuilderException:

impossible de trouver un chemin de certification valide vers la cible demandée]

Voici un code source, que j’ai copié du livre: Java Web Services: 1ère édition de Martin Kalin , qui permet de vérifier le certificat et le nom d’hôte. Un code très utile dans l’environnement de test SEULEMENT , recommande d’étudier et de mettre en signet pour référence future :) 

package com.mkyong.client;

import java.net.MalformedURLException;
import java.net.URL;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.io.** ;

import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

public class HttpsClient{

  public static void main(String[]args)
  {
     new HttpsClient().testIt();
  }

  private TrustManager[]get__trust__mgr() {
     TrustManager[]certs = new TrustManager[]{
        new X509TrustManager() {
           public X509Certificate[]getAcceptedIssuers() { return null; }
           public void checkClientTrusted(X509Certificate[]certs, String t) { }
           public void checkServerTrusted(X509Certificate[]certs, String t) { }
         }
      };
      return certs;
  }

  private void testIt(){
     String https__url = "https://localhost:8443/HelloWorld/hello?wsdl";
     URL url;
     try {

       //Create a context that doesn't check certificates.
            SSLContext ssl__ctx = SSLContext.getInstance("TLS");
            TrustManager[]trust__mgr = get__trust__mgr();
            ssl__ctx.init(null,               //key manager
                         trust__mgr,          //trust manager
                         new SecureRandom());//random number generator
            HttpsURLConnection.setDefaultSSLSocketFactory(ssl__ctx.getSocketFactory());

        url = new URL(https__url);
        HttpsURLConnection con = (HttpsURLConnection)url.openConnection();

       //Guard against "bad hostname" errors during handshake.
            con.setHostnameVerifier(new HostnameVerifier() {
                public boolean verify(String host, SSLSession sess) {
                    if (host.equals("localhost")) return true;
                    else return false;
                }
            });

       //dumpl all cert info
        print__https__cert(con);

       //dump all the content
        print__content(con);

     } catch (MalformedURLException e) {
        e.printStackTrace();
     } catch (IOException e) {
        e.printStackTrace();
     }catch (NoSuchAlgorithmException e) {
        e.printStackTrace();
     }catch (KeyManagementException e) {
        e.printStackTrace();
      }
   }

  private void print__https__cert(HttpsURLConnection con){
     if(con!=null){

     try {

    System.out.println("Response Code : " + con.getResponseCode());
    System.out.println("Cipher Suite : " + con.getCipherSuite());
    System.out.println("\n");

    Certificate[]certs = con.getServerCertificates();
    for(Certificate cert : certs){
      System.out.println("Cert Type : " + cert.getType());
      System.out.println("Cert Hash Code : " + cert.hashCode());
      System.out.println("Cert Public Key Algorithm : " + cert.getPublicKey().getAlgorithm());
      System.out.println("Cert Public Key Format : " + cert.getPublicKey().getFormat());
      System.out.println("\n");
    }


     } catch (SSLPeerUnverifiedException e) {
      e.printStackTrace();
     } catch (IOException e){
      e.printStackTrace();
     }
   }
  }

  private void print__content(HttpsURLConnection con){
    if(con!=null){

    try {

    System.out.println("** ** ** ** ** **  Content of the URL ** ** ** ** ** ** ** ** ");

    BufferedReader br =
        new BufferedReader(
            new InputStreamReader(con.getInputStream()));

    String input;

    while ((input = br.readLine()) != null){
       System.out.println(input);
    }
    br.close();

     } catch (IOException e) {
    e.printStackTrace();
     }
   }
  }
}

lien://tag/jax-ws/[jax-ws]lien://tag/web-services/[services web]

Related