亚洲在线久爱草,狠狠天天香蕉网,天天搞日日干久草,伊人亚洲日本欧美

為了賬號安全,請及時綁定郵箱和手機立即綁定
已解決430363個問題,去搜搜看,總會有你想問的

如何在不禁用 SNI 的情況下修復 SSLProtocolException:握手警報:

如何在不禁用 SNI 的情況下修復 SSLProtocolException:握手警報:

蕪湖不蕪 2023-02-23 16:14:32
我制作了一個爬蟲應用程序,由于錯誤“握手警報:unrecognized_name”,某些網站無法連接。我發現的大多數解決方案是通過禁用 SNI 擴展 (jsse.enableSNIExtension=false)。但這會給需要啟用 SNI 的域帶來問題。我怎樣才能只對某些域禁用它?為了進行爬行,我使用了 Jsoup,并且因為我也在使用代理,所以我在啟動時添加了這段代碼。  private static void disableSslVerification() {    TrustManager[] trustAllCertificates = new TrustManager[] {            new X509TrustManager() {                @Override                public X509Certificate[] getAcceptedIssuers() {                    return null; // Not relevant.                }                @Override                public void checkClientTrusted(X509Certificate[] certs, String authType) {                    // Do nothing. Just allow them all.                }                @Override                public void checkServerTrusted(X509Certificate[] certs, String authType) {                    // Do nothing. Just allow them all.                }            }    };    HostnameVerifier trustAllHostnames = new HostnameVerifier() {        @Override        public boolean verify(String hostname, SSLSession session) {            return true; // Just allow them all.        }    };    try {        System.setProperty("https.protocols", "TLSv1.2,TLSv1.1,SSLv3");       // System.setProperty("jsse.enableSNIExtension", "false");        SSLContext sc = SSLContext.getInstance("SSL");        sc.init(null, trustAllCertificates, new SecureRandom());        HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());        HttpsURLConnection.setDefaultHostnameVerifier(trustAllHostnames);    }    catch (GeneralSecurityException e) {        throw new ExceptionInInitializerError(e);    }}如您所見,SNIextension 已被注釋。我會很感激一個例子。我要訪問的網址是下一個。https://www.ocinerioshopping.es/
查看完整描述

1 回答

?
慕的地10843

TA貢獻1785條經驗 獲得超8個贊

我設法通過擴展 SSLSocketConnection 并在調用 createSocket 時發送 null 而不是主機名來解決問題。這樣java就禁用了SNI。然后我只是將新類的一個實例傳遞給 Jsoup,我知道 SNI 將在其中失敗。


import javax.net.ssl.*;

import java.io.IOException;

import java.net.InetAddress;

import java.net.Socket;

import java.net.UnknownHostException;

import java.security.KeyManagementException;

import java.security.NoSuchAlgorithmException;

import java.security.SecureRandom;

import java.security.cert.X509Certificate;


public class CustomSSLSocketFactory extends SSLSocketFactory {

    private SSLSocketFactory defaultFactory;

    public CustomSSLSocketFactory() throws IOException {

        TrustManager[] trustAllCerts = new TrustManager[]{new X509TrustManager() {

            public void checkClientTrusted(X509Certificate[] chain, String authType) {

            }


            public void checkServerTrusted(X509Certificate[] chain, String authType) {

            }


            public X509Certificate[] getAcceptedIssuers() {

                return null;

            }

        }};


        try {

            SSLContext sslContext = SSLContext.getInstance("SSL");

            sslContext.init((KeyManager[])null, trustAllCerts, new SecureRandom());

            defaultFactory = sslContext.getSocketFactory();

        } catch (KeyManagementException | NoSuchAlgorithmException var3) {

            throw new IOException("Can't create unsecure trust manager");

        }

    }

    @Override

    public String[] getDefaultCipherSuites() {

       return defaultFactory.getDefaultCipherSuites();

    }


    @Override

    public String[] getSupportedCipherSuites() {

        return defaultFactory.getSupportedCipherSuites();

    }


    @Override

    public Socket createSocket(Socket socket, String s, int i, boolean b) throws IOException {

        //magic happens here, we send null as hostname

        return defaultFactory.createSocket(socket, null, i, b);

    }


    @Override

    public Socket createSocket(String s, int i) throws IOException, UnknownHostException {

        return defaultFactory.createSocket(s,i);

    }


    @Override

    public Socket createSocket(String s, int i, InetAddress inetAddress, int i1) throws IOException, UnknownHostException {

        return defaultFactory.createSocket(s,i,inetAddress,i1);

    }


    @Override

    public Socket createSocket(InetAddress inetAddress, int i) throws IOException {

        return defaultFactory.createSocket(inetAddress, i);

    }


    @Override

    public Socket createSocket(InetAddress inetAddress, int i, InetAddress inetAddress1, int i1) throws IOException {

        return defaultFactory.createSocket(inetAddress,i, inetAddress1, i1);

    }

}

Jsoup 初始化。


Connection conn = Jsoup.connect(url);

conn.sslSocketFactory(new CustomSSLSocketFactory());


查看完整回答
反對 回復 2023-02-23
  • 1 回答
  • 0 關注
  • 163 瀏覽
慕課專欄
更多

添加回答

舉報

0/150
提交
取消
微信客服

購課補貼
聯系客服咨詢優惠詳情

 幫助反饋 APP下載

慕課網APP
您的移動學習伙伴

 公眾號

掃描二維碼
關注慕課網微信公眾號