亚洲在线久爱草,狠狠天天香蕉网,天天搞日日干久草,伊人亚洲日本欧美

為了賬號安全,請及時綁定郵箱和手機立即綁定
已解決430363個問題,去搜搜看,總會有你想問的

為什么我的放心 POST 方法不能接受所有主機?

為什么我的放心 POST 方法不能接受所有主機?

揚帆大魚 2023-12-13 14:53:32
我們的目標服務器 (censored.local) 具有 HTTPS 證書,CN = censored.com, *.censored.com測試引發異常:javax.net.ssl.SSLException: Certificate for "censored.local" doesn't match any of the subject alternative names: [censored.com, *.censored.com]我理解為什么會發生這種情況(RFC 2818),但我想出于測試目的繞過它。無法在目標服務器上安裝不同的證書。.relaxedHTTPSValidation() 和 .allowAllHostnames() 不起作用。所以,我嘗試編寫代碼:我的測試課:....given().spec(reqSpec)...我的配置類:public abstract class Configurator {    protected static TestEnv envConf = chooseEnv();    protected static RequestSpecification reqSpec;    static { try { reqSpec = configureRestAssured(); } catch (Exception e) {e.printStackTrace(); } }    protected static TestEnv chooseEnv() {        // Some logic following to select an instance from TestEnv (not shown here)        ...            envConf = TestEnv.BETA;        return envConf;    }    protected static RequestSpecification configureRestAssured() {        RequestSpecification reqSpec = new RequestSpecBuilder().build();        reqSpec                .header("Authorization", String.format("Bearer %s", envConf.getBearerToken()))                // This gets the censored.local URI:                .baseUri(envConf.getBaseURI())                .config(getRAconfig());        return reqSpec;    }    private static RestAssuredConfig getRAconfig() {        SSLSocketFactory sslSocket = getSSLsocket (envConf.getKeystoreFile(), "keystorePassword", "PrivateKeyPassword");        RestAssuredConfig raConfig = RestAssuredConfig.config()        .sslConfig(SSLConfig.sslConfig().sslSocketFactory(sslSocket));        return raConfig;    }STRICT基本上顯示了我的問題嗎?如果是這樣,如何破解非嚴格的 x509HostnameVerifier?另外,我知道以下內容,但不知道如何將其用于我的放心連接:https://tutoref.com/how-to-disable-ssl-certificat-validation-in-java/
查看完整描述

1 回答

?
Cats萌萌

TA貢獻1805條經驗 獲得超9個贊

我找到了根據需要自定義 SSL 配置的方法。附有稍微審查的代碼。尋找“圣杯”評論:


 protected static RequestSpecification configureRestAssured() {

    // Create the ReqSpec instance:

    RequestSpecification reqSpecToBuild = new RequestSpecBuilder().build();

    // Configure more simple stuff for common request specification:

    reqSpecToBuild

            .header("Content-Type", "application/json")

            .baseUri(envConf.getBaseURI())

            .config(getRAconfig());

    return reqSpecToBuild; 

    }

// Add extended config object to the request spec:

private static RestAssuredConfig getRAconfig() {

    // Create a special socket with our keystore and ALLOW_ALL_HOSTNAME_VERIFIER:

    SSLSocketFactory sslSocket = getSSLsocket (envConf.getKeystoreFile(), somePass, somePass);

    // Create a configuration instance to load into the request spec via config():

    RestAssuredConfig raConfigToBuild = RestAssuredConfig.config()

            // Set SSL configuration into the RA configuration, with an SSLConfig object, that refers to our socket:

            .sslConfig(SSLConfig.sslConfig().sslSocketFactory(sslSocket));

    return raConfigToBuild;

}

private static SSLSocketFactory getSSLsocket(String ksPath, String ksPassword, String pkPassword) {

    KeyStore keystore = KeyStore.getInstance("PKCS12");

    // Load keystore file and password:

    keystore.load(new FileInputStream(ksPath), ksPassword.toCharArray());

    SSLContext context = SSLContexts.custom()

            .loadKeyMaterial(keystore, pkPassword.toCharArray())

            .build();

    // This is the holy grail:

    SSLSocketFactory sslSocketToBuild = new SSLSocketFactory(context, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);

    return sslSocketToBuild;

}

}

請注意,我不僅向 SSLSocketFactory 的構造函數提供一個參數,而且還提供常規參數(上下文)以及 ALLOW_ALL_HOSTNAME_VERIFIER 參數 - 這會產生影響!


查看完整回答
反對 回復 2023-12-13
  • 1 回答
  • 0 關注
  • 151 瀏覽
慕課專欄
更多

添加回答

舉報

0/150
提交
取消
微信客服

購課補貼
聯系客服咨詢優惠詳情

 幫助反饋 APP下載

慕課網APP
您的移動學習伙伴

 公眾號

掃描二維碼
關注慕課網微信公眾號