Dropwizard客户端处理自签名证书

Question

与Dropwizard相当新。

我发现很多解决方案来处理Jersey和ssl自签名证书。 Dropwizard版本是0.9.2

我试图设置的SSLContext但我得到

The method sslContext(SSLContext) is undefined for the type JerseyClientBuilder 

代码：

TrustManager[] certs = new TrustManager[]{ 
      new X509TrustManager() { 
       @Override 
       public X509Certificate[] getAcceptedIssuers() { 
        return null; 
       } 

       @Override 
       public void checkServerTrusted(X509Certificate[] chain, String authType) 
         throws CertificateException { 
       } 

       @Override 
       public void checkClientTrusted(X509Certificate[] chain, String authType) 
         throws CertificateException { 
       } 
      } 
    }; 

    public static class TrustAllHostNameVerifier implements HostnameVerifier { 

     public boolean verify(String hostname, SSLSession session) { 
      return true; 
     } 

    } 
    private Client getWebClient(AppConfiguration configuration, Environment env) { 
     SSLContext ctx = SSLContext.getInstance("SSL"); 
     ctx.init(null, certs, new SecureRandom()); 
     Client client = new JerseyClientBuilder(env) 
      .using(configuration.getJerseyClient()) 
      .sslContext(ctx) 
      .build("MyClient"); 
     return client; 
    } 

配置部分：

private JerseyClientConfiguration jerseyClient = new JerseyClientConfiguration(); 

public JerseyClientConfiguration getJerseyClient() { 
    return jerseyClient; 
} 

Answer 1

我已经找到了一个简单的解决方案只是使用配置

jerseyClient: 
    tls: 
    verifyHostname: false 
    trustSelfSignedCertificates: true 

Answer 2

我想要在0.9.2中创建一个不安全的客户端，你可以使用ConnectionSocketFactory的Registry，像...

final SSLContext sslContext = SSLContext.getInstance("SSL"); 

    sslContext.init(null, new TrustManager[] { new X509TrustManager() { 
      @Override 
      public void checkClientTrusted(X509Certificate[] x509Certificates, String s) 
        throws java.security.cert.CertificateException { 
      } 
      @Override 
      public void checkServerTrusted(X509Certificate[] x509Certificates, String s) 
        throws java.security.cert.CertificateException { 
      } 
      @Override 
      public X509Certificate[] getAcceptedIssuers() { 
       return new X509Certificate[0]; 
      } 
     } }, new SecureRandom()); 


    final SSLConnectionSocketFactory sslConnectionSocketFactory = 
      new SSLConnectionSocketFactory(sslContext, SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); 

    final Registry<ConnectionSocketFactory> registry = RegistryBuilder.<ConnectionSocketFactory>create() 
      .register("https", sslConnectionSocketFactory) 
      .register("http", PlainConnectionSocketFactory.INSTANCE) 
      .build(); 

    builder.using(registry); 

    Client client = new JerseyClientBuilder(env) 
     .using(configuration.getJerseyClient()) 
     .using(registry) 
     .build("MyInsecureClient");