webService用axis1.x绕过https证书校验的代码

转自 http://www.cnblogs.com/zhukunrong/p/3791409.html?utm_source=tuicool&utm_medium=referral

Axis 1.x 编写的client访问https的webservice的时候，绕过SSL的校验的核心思想是自己做一个不对证书做任何检查的SocketFactory，并用这个socketFactory来替换Axis本身用的SocketFactory，为了方便，MySocketFactory直接继承Axis的父类JSSESocketFactory 。并且重写父类方法

protected void initFactory() throws IOException

initFactory方法的内容，很简单，就是让checkServerTrusted/checkClientTrusted什么都不返回，然后最后一行将这个SslSocketFactory赋给我们自定义类里的sslFactory变量。

// Create a trust manager that does not validate certificate chains  TrustManager[] trustAllCerts = new TrustManager[] {    new X509TrustManager() {      public X509Certificate[] getAcceptedIssuers() {        return null;      }      public void checkClientTrusted(X509Certificate[] certs, String authType) {        // Trust always      }      public void checkServerTrusted(X509Certificate[] certs, String authType) {        // Trust always      }    }  };  // Install the all-trusting trust manager  SSLContext sc = SSLContext.getInstance("SSL");  // Create empty HostnameVerifier  HostnameVerifier hv = new HostnameVerifier() {        public boolean verify(String arg0, SSLSession arg1) {            return true;        }  };  sc.init(null, trustAllCerts, new java.security.SecureRandom());  sslFactory = sc.getSocketFactory();

在初始化client的地方调一下，改变axis默认的SocketFactory。

AxisProperties.setProperty("axis.socketSecureFactory","my.test.MySocketFactory");//注意包名

以上就是绕过axis1.x证书校验的代码。