如何使Unirest（java）忽略证书错误

  SSLContext sslcontext = SSLContexts.custom() .loadTrustMaterial(null, new TrustSelfSignedStrategy()) .build(); SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslcontext,SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); CloseableHttpClient httpclient = HttpClients.custom() .setSSLSocketFactory(sslsf) .build(); Unirest.setHttpClient(httpclient); 

这对我有用

这就是我最终解决了我的问题：

 public static HttpClient makeClient(){ SchemeRegistry schemeRegistry = new SchemeRegistry(); schemeRegistry.register(new Scheme("http", 80, PlainSocketFactory.getSocketFactory())); try { schemeRegistry.register(new Scheme("https", 443, new MockSSLSocketFactory())); } catch (KeyManagementException e) { e.printStackTrace(); } catch (UnrecoverableKeyException e) { e.printStackTrace(); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } catch (KeyStoreException e) { e.printStackTrace(); } ClientConnectionManager cm = new SingleClientConnManager(schemeRegistry); DefaultHttpClient httpclient = new DefaultHttpClient(cm); return httpclient; } 

我已经刮了一整天，我希望这可以帮助别人。

证书错误解决方案是几个地方的组合

• https://github.com/Mashape/unirest-java/issues/70 ，我开始了。
• http://literatejava.com/networks/ignore-ssl-certificate-errors-apache-httpclient-4-4/非常好的解释。
• http://www.baeldung.com/httpclient-ssl ，所有版本的解决方案。

和一个相对完整的例子。

 import java.security.KeyManagementException; import java.security.KeyStoreException; import java.security.NoSuchAlgorithmException; import javax.net.ssl.SSLContext; import javax.security.cert.CertificateException; import javax.security.cert.X509Certificate; import org.apache.http.client.HttpClient; import org.apache.http.conn.ssl.NoopHostnameVerifier; import org.apache.http.conn.ssl.TrustSelfSignedStrategy; import org.apache.http.impl.client.HttpClients; import org.apache.http.ssl.SSLContextBuilder; import com.mashape.unirest.http.HttpResponse; import com.mashape.unirest.http.JsonNode; import com.mashape.unirest.http.Unirest; import com.mashape.unirest.http.exceptions.UnirestException; public class XXX { private static HttpClient unsafeHttpClient; static { try { SSLContext sslContext = new SSLContextBuilder().loadTrustMaterial(null, new TrustSelfSignedStrategy() { public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException { return true; } }).build(); unsafeHttpClient = HttpClients.custom().setSSLContext(sslContext) .setSSLHostnameVerifier(new NoopHostnameVerifier()).build(); } catch (KeyManagementException | NoSuchAlgorithmException | KeyStoreException e) { e.printStackTrace(); } } public static HttpClient getClient() { return unsafeHttpClient; } public static void main(String[] args) { try { HttpClient creepyClient = RestUnirestClient.getClient(); Unirest.setHttpClient(creepyClient); HttpResponse response = Unirest.get("https://httpbin.org/get?show_env=1").asJson(); System.out.println(response.getBody().toString()); } catch (UnirestException e) { e.printStackTrace(); } } } 

不幸的是，Unirest没有本地方式来配置SSL，因此提供自定义HttpClient实例看起来是唯一的选择。 这是一个解决方案，它不使用已弃用的类（如’DefaultHttpClient’）并使用自签名证书：

 protected void prepareHttpsClient() { HttpClientBuilder clientBuilder = HttpClientBuilder.create(); try { String certificateStorage = <>; String certificatePassword = <>; SSLContext sslContext = SSLContexts.custom().loadTrustMaterial( new File(certificateStorage), certificatePassword.toCharArray(), new TrustSelfSignedStrategy()).build(); SSLConnectionSocketFactory sslFactory = new SSLConnectionSocketFactory(sslContext, new String[]{"TLSv1"}, null, SSLConnectionSocketFactory.getDefaultHostnameVerifier()); clientBuilder.setSSLSocketFactory(sslFactory); } catch (Exception e) { throw new IllegalArgumentException("Error configuring server certificates.", e); } HttpClient httpClient = clientBuilder.build(); Unirest.setHttpClient(httpClient); }