这个问题在这里已经有了答案:
Disable SSL certificate check in retrofit library
(7 个回答)
4年前关闭。
我已经安装并打开了 PacketCapture,然后当我使用 Okhttp 向我的服务器请求 API 时,我得到了这个异常。
javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
是否可以忽略 SSL 错误?
最佳答案
OkHttpClient.Builder
允许您添加自己的SSLContext
和 TrustManager
.这是来自 gist 的代码忽略所有错误:
private static OkHttpClient getUnsafeOkHttpClient() {
try {
// Create a trust manager that does not validate certificate chains
final TrustManager[] trustAllCerts = new TrustManager[]{
new X509TrustManager() {
@Override
public void checkClientTrusted(java.security.cert.X509Certificate[] chain,
String authType) throws CertificateException {
}
@Override
public void checkServerTrusted(java.security.cert.X509Certificate[] chain,
String authType) throws CertificateException {
}
@Override
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
}
};
// Install the all-trusting trust manager
final SSLContext sslContext = SSLContext.getInstance("SSL");
sslContext.init(null, trustAllCerts, new java.security.SecureRandom());
// Create an ssl socket factory with our all-trusting manager
final SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();
return new OkHttpClient.Builder()
.sslSocketFactory(sslSocketFactory, (X509TrustManager) trustAllCerts[0])
.hostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String hostname, SSLSession session) {
return true;
}
}).build();
} catch (Exception e) {
throw new RuntimeException(e);
}
}
注:这是一个不安全的解决方案。用它来调试东西。
关于java - 如何忽略 Okhttp 中的 SSL 错误?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/50961123/