webService用axis1.x绕过https证书校验的代码

转自 http://www.cnblogs.com/zhukunrong/p/3791409.html?utm_source=tuicool&utm_medium=referral
Axis 1.x 编写的client访问https的webservice的时候，绕过SSL的校验的核心思想是自己做一个不对证书做任何检查的SocketFactory，并用这个socketFactory来替换Axis本身用的SocketFactory，为了方便，MySocketFactory直接继承Axis的父类JSSESocketFactory 。并且重写父类方法

protected void initFactory() throws IOException

initFactory方法的内容，很简单，就是让checkServerTrusted/checkClientTrusted什么都不返回，然后最后一行将这个SslSocketFactory赋给我们自定义类里的sslFactory变量。

// Create a trust manager that does not validate certificate chains
TrustManager[] trustAllCerts = new TrustManager[] {
new X509TrustManager() {
public X509Certificate[] getAcceptedIssuers() {
return null;
}

public void checkClientTrusted(X509Certificate[] certs, String authType) {
// Trust always
}

public void checkServerTrusted(X509Certificate[] certs, String authType) {
// Trust always
}
}
};

// Install the all-trusting trust manager
SSLContext sc = SSLContext.getInstance("SSL");
// Create empty HostnameVerifier
HostnameVerifier hv = new HostnameVerifier() {
public boolean verify(String arg0, SSLSession arg1) {
return true;
}
};

sc.init(null, trustAllCerts, new java.security.SecureRandom());
sslFactory = sc.getSocketFactory();

在初始化client的地方调一下，改变axis默认的SocketFactory。

AxisProperties.setProperty("axis.socketSecureFactory","my.test.MySocketFactory");//注意包名

以上就是绕过axis1.x证书校验的代码。