JAVA HttpsURLConnection 忽略對SSL valid 的驗證

有時候咱們對https進行測試的時候，常常自簽署一個證書給server,這個certificate常常是不能經過驗證的，可是咱們又要用這個https,因此咱們常常來忽略對SSL validation的驗證。

.NET很簡單，就一句話

System.Net.ServicePointManager.ServerCertificateValidationCallback += (se, cert, chain, sslerror) => { return true; };

Java的稍微麻煩一點

import sun.security.mscapi.SunMSCAPI;
import javax.net.ssl.*;
import java.io.*;
import java.net.URL;
import java.security.*;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Enumeration;

TrustManager[] trustAllCerts = new TrustManager[] {new X509TrustManager() {
            public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                return null;
            }
            public void checkClientTrusted(X509Certificate[] certs, String authType) {
            }
            public void checkServerTrusted(X509Certificate[] certs, String authType) {
            }
        }
        };
        SSLContext sc = SSLContext.getInstance("SSL");
        sc.init(null, trustAllCerts, new java.security.SecureRandom());
        HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
        HostnameVerifier allHostsValid = new HostnameVerifier(){
            public boolean verify(String hostname, SSLSession session) {
                return true;
            }

        };
        HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid);
        URL url = new URL(https_url);
        HttpsURLConnection  conn = (HttpsURLConnection)url.openConnection();
        SSLSocketFactory sslSocketFactory = sc.getSocketFactory();
        conn.setSSLSocketFactory(sslSocketFactory);