Java：接受自签名证书

发布于 2024-12-09 02:40:28 字数 841 浏览 4 评论 0原文

我使用以下 TrustManager 在 Java 应用程序中接受来自本地测试服务器的自签名证书：

public class CertificateAcceptor {

    private TrustManager[] createTrustManager() {
        TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {

            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }

            public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                // leave blank to trust every client
            }

            public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                // leave blank to trust every client
            }
        }};
        return trustAllCerts;
    }

我对此有一些安全问题，因为据我所知，它只接受所有证书。所以我问自己是否有办法只接受来自端口 9443 上的本地主机的证书？

原文

I use the following TrustManager to accept self-signed certificates from my local test server in my Java application:

public class CertificateAcceptor {

    private TrustManager[] createTrustManager() {
        TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {

            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }

            public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                // leave blank to trust every client
            }

            public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                // leave blank to trust every client
            }
        }};
        return trustAllCerts;
    }

I have some security concerns with that, since as far as I know, this accepts just all certificates. So I'm asking myself if there is a way to only accept certificates that are coming from localhost on Port 9443?

分享到QQ

分享到微博