upagge/digital-garden
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
e797aa0774
digital-garden/dev/snippet/Игнорирование ошибок сертификата OkHttp3.md
Struchkov Mark a95d220f4a
All checks were successful
continuous-integration/drone/push Build is passing
Details
Откатил попытки ссылаться на блок текста
2024-09-04 20:42:47 +03:00

110 lines
3.5 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
tags:
- maturity/🌱
date:
- - 2023-11-20
zero-link:
- "[[../../../../garden/ru/meta/zero/00 Снипеты для Java|00 Снипеты для Java]]"
parents:
linked:
article: https://note.struchkov.dev/okhttp3-ignore-ssl/
---
> [!DANGER]
> Так лучше не делать, но иногда нужно проигнорировать ошибки связанные с сертификатом сайта.
```java
import lombok.experimental.UtilityClass;
import lombok.extern.slf4j.Slf4j;
import okhttp3.OkHttpClient;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
/**
* @author upagge 03.02.2021
*/
@Slf4j
@UtilityClass
public class OkHttpUtil {
private static OkHttpClient client = new OkHttpClient.Builder().build();
public static OkHttpClient getClient() {
return client;
}
public static void init(boolean ignoreCertificate) {
OkHttpClient.Builder builder = new OkHttpClient.Builder();
log.info("Initialising httpUtil with default configuration");
if (ignoreCertificate) {
builder = configureToIgnoreCertificate(builder);
}
//Other application specific configuration
client = builder.build();
}
//Setting testMode configuration. If set as testMode, the connection will skip certification check
private static OkHttpClient.Builder configureToIgnoreCertificate(OkHttpClient.Builder builder) {
log.warn("Ignore Ssl Certificate");
try {
// Create a trust manager that does not validate certificate chains
final TrustManager[] trustAllCerts = new TrustManager[]{
new X509TrustManager() {
@Override
public void checkClientTrusted(java.security.cert.X509Certificate[] chain, String authType) {
}
@Override
public void checkServerTrusted(java.security.cert.X509Certificate[] chain, String authType) {
}
@Override
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return new java.security.cert.X509Certificate[]{};
}
}
};
final SSLContext sslContext = SSLContext.getInstance("SSL");
sslContext.init(null, trustAllCerts, new java.security.SecureRandom());
final SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();
builder.sslSocketFactory(sslSocketFactory, (X509TrustManager) trustAllCerts[0]);
builder.hostnameVerifier((hostname, session) -> true);
} catch (Exception e) {
log.warn("Exception while configuring IgnoreSslCertificate" + e, e);
}
return builder;
}
}
```
## Как это использовать?
Перед получением `OkHttpClient` необходимо инициализировать настройки игнорирования сертификатов. Для этого вызываем метод:
```java
OkHttpUtil.init(true);
```
После этого можете получить `OkHttpClient`:
```java
OkHttpUtil.getClient();
```
Или вот так:
```java
public class HttpParse {
static {
OkHttpUtil.init(true);
}
private static final OkHttpClient client = OkHttpUtil.getClient();
// ... ... ... ... ...
}
```
Reference in New Issue View Git Blame Copy Permalink