Pessoal , Como posso ignorar uma unica chave de uma cadeia de certificados SSL no java ?
obs : Tenho uma cadeira no servidor e uma unica chave diferente no servidor no cliente.
Segue abaixo o código onde permito todos os certificados:
Preciso filtrar e ignorar apenas certificados que não existem no servidor.
int response = 0;
HttpsURLConnection request = null;
try {
// Create a trust manager that does not validate certificate chains
TrustManager[] trustAllCerts = new TrustManager[] {new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
@Override
public void checkClientTrusted(X509Certificate[] certs, String authType) {
}
@Override
public void checkServerTrusted(X509Certificate[] certs, String authType) {
}
}
};
// Install the all-trusting trust manager
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
// Create all-trusting host name verifier
HostnameVerifier hostnameVerifier = (String hostname, SSLSession session) -> {
return true;
};
// Install the all-trusting host verifier
HttpsURLConnection.setDefaultHostnameVerifier(hostnameVerifier);
request = (HttpsURLConnection) new URL(URL).openConnection();
request.setConnectTimeout(TIMEOUT);
request.setReadTimeout(TIMEOUT);
request.setDoOutput(true);
request.setDoInput(true);
request.setRequestProperty(
"Content-Type",
"application/json; charset=UTF-8"
);
request.setRequestMethod("POST");
request.connect();
try (OutputStream outputStream = request.getOutputStream()) {
outputStream.write(json.getBytes("UTF-8"));
outputStream.close();
}