digital-garden/dev/snippet/Игнорирование ошибок сертификата OkHttp3.md

110 lines
3.5 KiB
Markdown
Raw Normal View History

2024-09-04 20:02:42 +03:00
---
tags:
- maturity/🌱
date:
- - 2023-11-20
zero-link:
- "[[../../../../garden/ru/meta/zero/00 Снипеты для Java|00 Снипеты для Java]]"
parents:
linked:
article: https://note.struchkov.dev/okhttp3-ignore-ssl/
---
> [!DANGER]
> Так лучше не делать, но иногда нужно проигнорировать ошибки связанные с сертификатом сайта.
```java
import lombok.experimental.UtilityClass;
import lombok.extern.slf4j.Slf4j;
import okhttp3.OkHttpClient;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
/**
* @author upagge 03.02.2021
*/
@Slf4j
@UtilityClass
public class OkHttpUtil {
private static OkHttpClient client = new OkHttpClient.Builder().build();
public static OkHttpClient getClient() {
return client;
}
public static void init(boolean ignoreCertificate) {
OkHttpClient.Builder builder = new OkHttpClient.Builder();
log.info("Initialising httpUtil with default configuration");
if (ignoreCertificate) {
builder = configureToIgnoreCertificate(builder);
}
//Other application specific configuration
client = builder.build();
}
//Setting testMode configuration. If set as testMode, the connection will skip certification check
private static OkHttpClient.Builder configureToIgnoreCertificate(OkHttpClient.Builder builder) {
log.warn("Ignore Ssl Certificate");
try {
// Create a trust manager that does not validate certificate chains
final TrustManager[] trustAllCerts = new TrustManager[]{
new X509TrustManager() {
@Override
public void checkClientTrusted(java.security.cert.X509Certificate[] chain, String authType) {
}
@Override
public void checkServerTrusted(java.security.cert.X509Certificate[] chain, String authType) {
}
@Override
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return new java.security.cert.X509Certificate[]{};
}
}
};
final SSLContext sslContext = SSLContext.getInstance("SSL");
sslContext.init(null, trustAllCerts, new java.security.SecureRandom());
final SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();
builder.sslSocketFactory(sslSocketFactory, (X509TrustManager) trustAllCerts[0]);
builder.hostnameVerifier((hostname, session) -> true);
} catch (Exception e) {
log.warn("Exception while configuring IgnoreSslCertificate" + e, e);
}
return builder;
}
}
```
## Как это использовать?
Перед получением `OkHttpClient` необходимо инициализировать настройки игнорирования сертификатов. Для этого вызываем метод:
```java
OkHttpUtil.init(true);
```
После этого можете получить `OkHttpClient`:
```java
OkHttpUtil.getClient();
```
Или вот так:
```java
public class HttpParse {
static {
OkHttpUtil.init(true);
}
private static final OkHttpClient client = OkHttpUtil.getClient();
// ... ... ... ... ...
}
```