最近,我花了几个小时试图让wsimport在通过https托管的web服务上工作,并使用假证书(dev deployment)。我试着用windows版本的 wsimport.exe ,来自Java8JDK。我指定了选项 -XdisableSSLHostnameVerification ,但它一直在抱怨错误的证书。确实,证书是无效的,但在dev环境中它应该是可以接受的。我没有找到使wsimport跳过证书检查的简单方法。
wsimport.exe
-XdisableSSLHostnameVerification
xggvc2p61#
最后我得到了一个解决方案,使用 Package 类。我认为分享解决方案是有意义的。希望它能节省一些人的时间,以更好的目的。解决方案(假设java安装在 c:\Program Files\Java\jdk1.8.0_40 ):如何编译 "c:\Program Files\Java\jdk1.8.0_40\bin\javac" -cp "c:\Program Files\Java\jdk1.8.0_40\lib\tools.jar" WSImportSSLByPass.java 如何使用 "c:\Program Files\Java\jdk1.8.0_40\bin\java" -cp "c:\Program Files\Java\jdk1.8.0_40\lib\tools.jar";. WSImportSSLByPass %wsimport args% 代码投入 WSImportSSLByPass.java ```import java.security.KeyManagementException;import java.security.NoSuchAlgorithmException;import java.security.SecureRandom;import java.security.cert.X509Certificate;
c:\Program Files\Java\jdk1.8.0_40
"c:\Program Files\Java\jdk1.8.0_40\bin\javac" -cp "c:\Program Files\Java\jdk1.8.0_40\lib\tools.jar" WSImportSSLByPass.java
"c:\Program Files\Java\jdk1.8.0_40\bin\java" -cp "c:\Program Files\Java\jdk1.8.0_40\lib\tools.jar";. WSImportSSLByPass %wsimport args%
WSImportSSLByPass.java
import javax.net.ssl.HostnameVerifier;import javax.net.ssl.HttpsURLConnection;import javax.net.ssl.SSLContext;import javax.net.ssl.SSLSession;import javax.net.ssl.SSLSocketFactory;import javax.net.ssl.TrustManager;import javax.net.ssl.X509TrustManager;public class WSImportSSLByPass { public static void main(String[] args) throws Throwable{ configureBypassSSL(); com.sun.tools.internal.ws.WsImport.main(args); } private static void configureBypassSSL() throws NoSuchAlgorithmException, KeyManagementException { SSLContext ssl_ctx = SSLContext.getInstance("SSL"); TrustManager[] trust_mgr = get_trust_mgr(); ssl_ctx.init(null, // key manager trust_mgr, // trust manager new SecureRandom()); // random number generator SSLSocketFactory sf = ssl_ctx.getSocketFactory(); HttpsURLConnection.setDefaultSSLSocketFactory(sf); HttpsURLConnection.setDefaultHostnameVerifier(new DummyHostVerifier()); } private static TrustManager[] get_trust_mgr() { TrustManager[] certs = new TrustManager[] { new X509TrustManager() { public X509Certificate[] getAcceptedIssuers() { return null; } public void checkClientTrusted(X509Certificate[] certs, String t) { } public void checkServerTrusted(X509Certificate[] certs, String t) { } } }; return certs; }}class DummyHostVerifier implements HostnameVerifier { public boolean verify(String name, SSLSession sess) { return true; }}
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
public class WSImportSSLByPass {
public static void main(String[] args) throws Throwable{
configureBypassSSL();
com.sun.tools.internal.ws.WsImport.main(args);
}
private static void configureBypassSSL() throws NoSuchAlgorithmException,
KeyManagementException {
SSLContext ssl_ctx = SSLContext.getInstance("SSL");
TrustManager[] trust_mgr = get_trust_mgr();
ssl_ctx.init(null, // key manager
trust_mgr, // trust manager
new SecureRandom()); // random number generator
SSLSocketFactory sf = ssl_ctx.getSocketFactory();
HttpsURLConnection.setDefaultSSLSocketFactory(sf);
HttpsURLConnection.setDefaultHostnameVerifier(new DummyHostVerifier());
private static TrustManager[] get_trust_mgr() {
TrustManager[] certs = new TrustManager[] { new X509TrustManager() {
public X509Certificate[] getAcceptedIssuers() {
return null;
public void checkClientTrusted(X509Certificate[] certs, String t) {
public void checkServerTrusted(X509Certificate[] certs, String t) {
} };
return certs;
class DummyHostVerifier implements HostnameVerifier {
public boolean verify(String name, SSLSession sess) {
return true;
6yoyoihd2#
在双向ssl握手的情况下,我们可以这样修改wsimportsslbaypass类
import com.sun.tools.internal.ws.WsImport;public class OCBWSImport { /** * @param args the command line arguments */ public static void main(String[] args) throws Throwable { // TODO code application logic here //System.setProperty("javax.net.ssl.trustStore", "C:\\Program Files\\Java\\jdk1.8.0_131\\jre\\lib\\security\\cacerts"); //System.setProperty("javax.net.ssl.trustStorePassword", "changeit"); //System.setProperty("javax.net.ssl.keyStoreType", "pkcs12"); //Certificate for 2-way handshake System.setProperty("javax.net.ssl.keyStore", "D:\\tuanpa\\yourp12file.p12"); System.setProperty("javax.net.ssl.keyStorePassword", "password of p12 file"); //Hostname checking bypass javax.net.ssl.HttpsURLConnection.setDefaultHostnameVerifier( new javax.net.ssl.HostnameVerifier() { public boolean verify(String hostname, javax.net.ssl.SSLSession sslSession) { //return hostname.equals("192.168.1.10"); return true; } }); WsImport.main(args); }}
import com.sun.tools.internal.ws.WsImport;
public class OCBWSImport {
/**
* @param args the command line arguments
*/
public static void main(String[] args) throws Throwable {
// TODO code application logic here
//System.setProperty("javax.net.ssl.trustStore", "C:\\Program Files\\Java\\jdk1.8.0_131\\jre\\lib\\security\\cacerts");
//System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
//System.setProperty("javax.net.ssl.keyStoreType", "pkcs12");
//Certificate for 2-way handshake
System.setProperty("javax.net.ssl.keyStore", "D:\\tuanpa\\yourp12file.p12");
System.setProperty("javax.net.ssl.keyStorePassword", "password of p12 file");
//Hostname checking bypass
javax.net.ssl.HttpsURLConnection.setDefaultHostnameVerifier(
new javax.net.ssl.HostnameVerifier() {
public boolean verify(String hostname,
javax.net.ssl.SSLSession sslSession) {
//return hostname.equals("192.168.1.10");
});
WsImport.main(args);
2条答案
按热度按时间xggvc2p61#
最后我得到了一个解决方案,使用 Package 类。
我认为分享解决方案是有意义的。希望它能节省一些人的时间,以更好的目的。
解决方案(假设java安装在
c:\Program Files\Java\jdk1.8.0_40):如何编译
"c:\Program Files\Java\jdk1.8.0_40\bin\javac" -cp "c:\Program Files\Java\jdk1.8.0_40\lib\tools.jar" WSImportSSLByPass.java如何使用"c:\Program Files\Java\jdk1.8.0_40\bin\java" -cp "c:\Program Files\Java\jdk1.8.0_40\lib\tools.jar";. WSImportSSLByPass %wsimport args%代码投入
WSImportSSLByPass.java```import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
6yoyoihd2#
在双向ssl握手的情况下,我们可以这样修改wsimportsslbaypass类