问题
SslContextFactory sec = new SslContextFactory();
sec.setValidateCerts(false);
WebSocketClient client = new WebSocketClient(sec);
The above code is implemented for Jetty WebSockets, to tell the java client to disable certificate validation. Is there any way I can achieve the same in Java API for Tomcat8 WebSockets (JSR-356)?
PS: I have tried this method. It didn't work for Secure WebSocket connection of Tomcat WebSockets
回答1:
Did you generate self signed certificate and trying to use it? Then import your self signed certificate to new keystore and use that keystore as a trust store on your client side.
For a tyrus websocket client, I use like this:
String keyStorePath = StompClientTest.class.getResource("/myapp.keystore").getPath();
System.getProperties().put("javax.net.debug", "all"); // debug your certificate checking
System.getProperties().put(SslContextConfigurator.KEY_STORE_FILE, keyStorePath);
System.getProperties().put(SslContextConfigurator.TRUST_STORE_FILE, keyStorePath);
System.getProperties().put(SslContextConfigurator.KEY_STORE_PASSWORD, "secret");
System.getProperties().put(SslContextConfigurator.TRUST_STORE_PASSWORD, "secret");
final SslContextConfigurator defaultConfig = new SslContextConfigurator();
defaultConfig.retrieve(System.getProperties());
SslEngineConfigurator sslEngineConfigurator = new SslEngineConfigurator(defaultConfig);
sslEngineConfigurator.setHostVerificationEnabled(false);
StandardWebSocketClient webSocketClient = new StandardWebSocketClient();
webSocketClient.getUserProperties().put(ClientProperties.SSL_ENGINE_CONFIGURATOR, sslEngineConfigurator);
For tomcat read answer in following question: https://stackoverflow.com/a/32205864/386213
来源:https://stackoverflow.com/questions/34849045/ignore-certificate-validation-tomcat8-websocket-jsr-356