有没有办法在柑橘框架中关闭 ssl 验证?
Is there a way to turn off ssl validation in citrus framework?
我想测试 https (api) 客户端。
但我想关闭柑橘中的 ssl validation。你能告诉我如何关闭 ssl 验证吗?
(httpActionBuilder -> httpActionBuilder
.client("https://localhost") .send() .get() .header(....)
这是自动检查 ssl 证书。
我收到以下异常:
PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target; nested exception is
javax.net.ssl.SSLHandshakeException.
有没有办法关闭 ssl 验证(就像我们在 postman 或任何其他框架中禁用 ssl 验证一样)。
我如何将 ssl 上下文添加到柑橘测试中
http(httpActionBuilder -> httpActionBuilder
.client("https://....com") .send() .get() .header(....)
您可以试试下面的代码。我正在尝试允许所有受信任的证书,以便您可以进行 https 调用。
try {
TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; }
public void checkClientTrusted(X509Certificate[] certs, String authType) { }
public void checkServerTrusted(X509Certificate[] certs, String authType) { }
} };
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
SSLConnectionSocketFactory sslSocketFactory = new SSLConnectionSocketFactory(
sslcontext, NoopHostnameVerifier.INSTANCE);
HttpClients.custom()
.setSSLSocketFactory(sslSocketFactory)
.setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE)
.build();
}
catch (IOException | CertificateException | NoSuchAlgorithmException | KeyStoreException | KeyManagementException e) {
throw new BeanCreationException("Failed to create http client for ssl connection", e);
}
添加关注class
class NonValidatingTrustManager implements X509TrustManager {
@Override
public void checkClientTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {
}
@Override
public void checkServerTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
}
然后在 Spring @Configuration 中通过声明新 bean
覆盖默认的 SSLContext
@Bean
public SSLContext sslContext() throws KeyManagementException, NoSuchAlgorithmException {
SSLContext ctx = SSLContext.getInstance("TLS"); // or try "SSL"
ctx.init(null, new TrustManager[] { new NonValidatingTrustManager() }, null);
return ctx;
}
更新
对于测试,您创建单独的配置 class 并将覆盖的 SSLContext 也放在那里:
@TestConfiguration
class TestConfig {
@Bean
public SSLContext sslContext() throws Exception {
SSLContext ctx = SSLContext.getInstance("TLS"); // or try "SSL"
ctx.init(null, new TrustManager[] { new NonValidatingTrustManager() }, null);
return ctx;
}
}
并在单元测试中使用它,例如:
@SpringBootTest(classes = { TestConfig.class })
class MyTest {
...
}
我想测试 https (api) 客户端。
但我想关闭柑橘中的 ssl validation。你能告诉我如何关闭 ssl 验证吗?
(httpActionBuilder -> httpActionBuilder
.client("https://localhost") .send() .get() .header(....)
这是自动检查 ssl 证书。
我收到以下异常:
PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target; nested exception is javax.net.ssl.SSLHandshakeException.
有没有办法关闭 ssl 验证(就像我们在 postman 或任何其他框架中禁用 ssl 验证一样)。
我如何将 ssl 上下文添加到柑橘测试中
http(httpActionBuilder -> httpActionBuilder .client("https://....com") .send() .get() .header(....)
您可以试试下面的代码。我正在尝试允许所有受信任的证书,以便您可以进行 https 调用。
try {
TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; }
public void checkClientTrusted(X509Certificate[] certs, String authType) { }
public void checkServerTrusted(X509Certificate[] certs, String authType) { }
} };
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
SSLConnectionSocketFactory sslSocketFactory = new SSLConnectionSocketFactory(
sslcontext, NoopHostnameVerifier.INSTANCE);
HttpClients.custom()
.setSSLSocketFactory(sslSocketFactory)
.setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE)
.build();
}
catch (IOException | CertificateException | NoSuchAlgorithmException | KeyStoreException | KeyManagementException e) {
throw new BeanCreationException("Failed to create http client for ssl connection", e);
}
添加关注class
class NonValidatingTrustManager implements X509TrustManager {
@Override
public void checkClientTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {
}
@Override
public void checkServerTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
}
然后在 Spring @Configuration 中通过声明新 bean
@Bean
public SSLContext sslContext() throws KeyManagementException, NoSuchAlgorithmException {
SSLContext ctx = SSLContext.getInstance("TLS"); // or try "SSL"
ctx.init(null, new TrustManager[] { new NonValidatingTrustManager() }, null);
return ctx;
}
更新
对于测试,您创建单独的配置 class 并将覆盖的 SSLContext 也放在那里:
@TestConfiguration
class TestConfig {
@Bean
public SSLContext sslContext() throws Exception {
SSLContext ctx = SSLContext.getInstance("TLS"); // or try "SSL"
ctx.init(null, new TrustManager[] { new NonValidatingTrustManager() }, null);
return ctx;
}
}
并在单元测试中使用它,例如:
@SpringBootTest(classes = { TestConfig.class })
class MyTest {
...
}