各种编程语言忽略http的SSL证书认证
前言
我们内部测试的http服务器很多时候证书都是没有经过第三方认证的,我们发送http请求基本上都是忽略证书认证。
我总结了一下常用编程语言使用http请求时忽略证书认证的代码片段,记录一下下。
代码
go语言
func httpPost(url, body string) ([]byte, error) {
req, err := http.NewRequest(http.MethodPost, urlPre+url, strings.NewReader(body))
if err != nil {
return nil, err
}
req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
client := &http.Client{ // 忽略证书验证
Transport: &http.Transport{
TLSClientConfig: &tls.Config{
InsecureSkipVerify: true,
},
},
}
resp, err := client.Do(req)
if resp != nil {
defer resp.Body.Close()
}
if err != nil {
return nil, err
}
data, err := ioutil.ReadAll(resp.Body)
if err != nil {
return nil, err
}
return data, nil
}
Python语言
import json
import requests
try:
# verify = False 表示忽略证书
response = requests.post("http://www.baidu.com/",verify = False, headers = header, data = "")
data = json.loads(response.text)
print(data)
except Exception as e:
print('error:', e)
Ruby语言
require 'rest-client'
require 'json'
begin
# :verify_ssl => OpenSSL::SSL::VERIFY_NONE 表示忽略证书
resp = RestClient::Request.execute(method: :post, url: "http://www.baidu.com/", payload: "", headers: headers, :verify_ssl => OpenSSL::SSL::VERIFY_NONE)
data = JSON.parse(resp.body)
puts(data)
rescue => e
puts("#{e.class}, #{e.message}")
end
Java语言
package iotp;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
public class janbar {
public static void main(String[] args) {
trustAllHosts(); // 只在开头执行一次即可
String data = httpPost("http://www.baidu.com/", "");
System.out.println(data);
}
public static String httpPost(String httpUrl, String param) {
HttpsURLConnection connection = null;
InputStream is = null;
OutputStream os = null;
BufferedReader br = null;
String result = null;
try {
// 通过远程url连接对象打开连接
connection = (HttpsURLConnection) new URL(urlPre + httpUrl).openConnection();
// 忽略证书认证
connection.setHostnameVerifier(DO_NOT_VERIFY);
// 设置连接请求方式
connection.setRequestMethod("POST");
// 设置连接主机服务器超时时间:15000毫秒
connection.setConnectTimeout(15000);
// 设置读取主机服务器返回数据超时时间:60000毫秒
connection.setReadTimeout(60000);
// 默认值为:false,当向远程服务器传送数据/写数据时,需要设置为true
connection.setDoOutput(true);
// 默认值为:true,当前向远程服务读取数据时,设置为true,该参数可有可无
connection.setDoInput(true);
// 设置传入参数的格式:请求参数应该是 name1=value1&name2=value2 的形式。
connection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
// 通过连接对象获取一个输出流
os = connection.getOutputStream();
// 通过输出流对象将参数写出去/传输出去,它是通过字节数组写出的
os.write(param.getBytes());
// 通过连接对象获取一个输入流,向远程读取
if (connection.getResponseCode() == 200) {
is = connection.getInputStream();
// 对输入流对象进行包装:charset根据工作项目组的要求来设置
br = new BufferedReader(new InputStreamReader(is, "UTF-8"));
StringBuffer sbf = new StringBuffer();
String temp = null;
// 循环遍历一行一行读取数据
while ((temp = br.readLine()) != null) {
sbf.append(temp);
sbf.append("\r\n");
}
result = sbf.toString();
}
} catch (MalformedURLException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
} finally {
// 关闭资源
if (null != br) {
try {
br.close();
} catch (IOException e) {
e.printStackTrace();
}
}
if (null != os) {
try {
os.close();
} catch (IOException e) {
e.printStackTrace();
}
}
if (null != is) {
try {
is.close();
} catch (IOException e) {
e.printStackTrace();
}
}
// 断开与远程地址url的连接
connection.disconnect();
}
return result;
}
private static void trustAllHosts() {
// Create a trust manager that does not validate certificate chains
TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return new java.security.cert.X509Certificate[] {};
}
public void checkClientTrusted(X509Certificate[] chain, String authType) {
}
public void checkServerTrusted(X509Certificate[] chain, String authType) {
}
} };
// Install the all-trusting trust manager
try {
SSLContext sc = SSLContext.getInstance("TLS");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
} catch (Exception e) {
e.printStackTrace();
}
}
private final static HostnameVerifier DO_NOT_VERIFY = new HostnameVerifier() {
public boolean verify(String hostname, SSLSession session) {
return true;
}
};
}
PHP语言
<?php
function httpPost($url, $content) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); // 跳过证书检查
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); // 从证书中检查SSL加密算法是否存在
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type','application/x-www-form-urlencoded'));
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $content);
$response = curl_exec($ch);
if($error=curl_error($ch)){
die($error);
}
curl_close($ch);
return $response;
}
$data = httpPost("http://www.baidu.com/", "");
$data = json_decode($data, true);
var_dump($data);
C#语言
using System;
using System.Collections.Generic;
using System.Text;
using System.Net;
using System.IO;
namespace SundrayApi
{
class Program
{
static void Main(string[] args)
{
string data = apiPost("http://www.baidu.com/", "");
Console.WriteLine(data);
Console.ReadLine();
}
static string apiPost(string url, string body)
{
string content = string.Empty;
try
{
/* 跳过ssl验证 */
ServicePointManager.ServerCertificateValidationCallback = (sender, certificate, chain, sslPolicyErrors) => true;
HttpWebRequest request = HttpWebRequest.Create(preUrl + url) as HttpWebRequest;
request.Method = "POST";
request.ContentType = "application/x-www-form-urlencoded";
byte[] data = Encoding.UTF8.GetBytes(body);
Stream newStream = request.GetRequestStream();
newStream.Write(data, 0, data.Length);
newStream.Close();
HttpWebResponse response = (HttpWebResponse)request.GetResponse();
Stream stream = response.GetResponseStream();
StreamReader reader = new StreamReader(stream, Encoding.UTF8);
content = reader.ReadToEnd();
reader.Close();
response.Close();
}
catch (Exception ex)
{
content = ex.ToString();
}
return content;
}
}
}
C/C++语言
c语言需要编译一下下,如下流程即可。
wget https://curl.haxx.se/download/curl-7.73.0.tar.gz
./configure
make
gcc test.c -l curl -L /root/c/curl/curl-7.73.0/lib/.libs -I /root/c/curl/curl-7.73.0/include
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <curl/curl.h>
typedef struct {
char *memory;
size_t size;
} MemoryStruct;
static size_t WriteMemoryCallback(void *contents, size_t size, size_t nmemb, void *userp)
{
size_t realsize = size * nmemb;
MemoryStruct *mem = (MemoryStruct *)userp;
char *ptr = realloc(mem->memory, mem->size + realsize + 1);
if(ptr == NULL) { /* out of memory! */
printf("not enough memory (realloc returned NULL)\n");
return 0;
}
mem->memory = ptr;
memcpy(&(mem->memory[mem->size]), contents, realsize);
mem->size += realsize;
mem->memory[mem->size] = 0;
return realsize;
}
int httpPost(const char *url, char *data, int size)
{
int ret = -1;
if(url == NULL || data == NULL){
return ret;
}
CURL *curl = curl_easy_init();
struct curl_slist* headers;
long retcode = 0;
MemoryStruct chunk;
chunk.size = 0;
chunk.memory = malloc(1);
headers = curl_slist_append(headers, "Content-Type: application/x-www-form-urlencoded");
curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers);
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0);
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0);
curl_easy_setopt(curl, CURLOPT_POST, 1);
curl_easy_setopt(curl, CURLOPT_POSTFIELDS, data);
curl_easy_setopt(curl, CURLOPT_URL, url);
curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, WriteMemoryCallback);
curl_easy_setopt(curl, CURLOPT_WRITEDATA, (void *)&chunk);
CURLcode res = curl_easy_perform(curl);
curl_easy_getinfo(curl, CURLINFO_RESPONSE_CODE, &retcode);
if (res == CURLE_OK && retcode == 200) {
ret = 0;
if (chunk.size > 0) {
if (chunk.size > size)
chunk.size = size - 1; /* 超出限制,不拷贝 */
memcpy(data, chunk.memory, chunk.size);
}
data[chunk.size] = 0; /* 结束符 */
} else {
ret = -2;
}
curl_easy_cleanup(curl);
free(chunk.memory);
return ret;
}
int main(int argc, char *argv[])
{
int url_len = 128, data_len = 2048;
char *url = (char *)malloc(sizeof(char) * url_len);
char *data = (char *)malloc(sizeof(char) * data_len);
strcpy(url, "http://www.baidu.com/");
strcpy(data, "");
int ret = httpPost(url, data, data_len);
if (ret != 0) {
return ret;
}
printf("[%s]\n\n",data);
return 0;
}
shell语言
#!/bin/bash
# 使用 -k 参数忽略证书
data=$(curl -s -k "http://www.baidu.com/" -d "")
echo "$data"
总结
把常用编程语言的http忽略证书代码做个笔记,方便以后再来查看。本来想谢谢lua的,但是lua连socket都得编译个库来搞,还是以后有需求再搞搞吧。
另外再附上【https跳过证书校验底层原理】
各种编程语言忽略http的SSL证书认证的更多相关文章
- QT https post请求(QNetworkRequest要设置SSL证书,而SSL证书认证有三种,实测成功)
以VS开发为例.因为https访问需要用到SSL认证,而QT默认是不支持SSL认证,所以在使用之前必须先做一些准备工作: 需要安装OpenSSL库: 1.首先打开http://slproweb.com ...
- JAVA中SSL证书认证通讯
JAVA中SSL证书认证通讯 SSL通讯服务端 /******************************************************************** * 项目名称 ...
- QT https post请求(QNetworkRequest要设置SSL证书,而SSL证书认证有三种)
因为https访问需要用到SSL认证,而QT默认是不支持SSL认证,所以在使用之前必须先做一些准备工作: 需要安装OpenSSL库: 1.首先打开http://slproweb.com/product ...
- Java爬虫https网页内容报错SSLHandshakeException信任(忽略)所有SSL证书
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building f ...
- HTTPS请求 SSL证书验证
import urllib2 url = "https://www.12306.cn/mormhweb/" headers = {"User-Agent": & ...
- StartCom 申请 SSL 证书及 Nginx HTTPS 支持配置全攻略
来源:https://www.williamyao.com/index.php/archives/1397/ 前言 最近收到 StartCom 的邮件,数字证书即将过期,想到去年在 StartSSL ...
- 如何给网站添加SSL证书(免费)
上篇讲了如何将网站部署到服务器上,这篇就讲如何给网站添加SSL证书. 1.先到腾讯云ssl证书认证那里申请一个证书 2.DNS认证 3.下载解压nginx里面的文件 4. 在服务器上/www目录下创建 ...
- [转] Nginx 配置 SSL 证书 + 搭建 HTTPS 网站教程
一.HTTPS 是什么? 根据维基百科的解释: 超文本传输安全协议(缩写:HTTPS,英语:Hypertext Transfer Protocol Secure)是超文本传输协议和SSL/TLS的组合 ...
- Nginx 配置 SSL 证书 + 搭建 HTTPS 网站教程
一.HTTPS 是什么? 根据维基百科的解释: 超文本传输安全协议(缩写:HTTPS,英语:Hypertext Transfer Protocol Secure)是超文本传输协议和SSL/TLS的组合 ...
随机推荐
- ISCSI共享
共享存储 ISCSI共享 服务端 软件安装 Install epel-release: # yum install epel-release Install scsi-target-utils rpm ...
- day64 Pyhton 框架Django 07
day67 内容回顾 视图 1. CBV 定义 from django.views import View class Addpub(View): def get(self,request): sel ...
- 面试一个百度T7程序员,一道简单的题没答上来!网友却都在吐槽面试官!
程序员面试时都考些什么? 一个面试官得意洋洋地说自己面了一个百度T7,出了一道coding题,结果对方连最长上升子序列都写不出来. 楼主本想嘲弄一下百度T7的代码水平低,没想到网友们炸开了锅,纷纷 ...
- spring boot:spring security实现oauth2+jwt管理认证授权及oauth2返回结果格式化(spring boot 2.3.3)
一,为什么oauth2要整合jwt? 1,OAuth2的token技术有一个最大的问题是不携带用户信息,所以资源服务器不能进行本地验证, 以致每次对于资源的访问,资源服务器都需要向认证服务器的toke ...
- git的一些操作命令
一,如何修改一个commit的注释? root@kubuntu:/data/git/clog# git commit --amend 说明:架构森林是一个专注架构的博客,地址:https://www. ...
- centos8平台:redis6配置启用io多线程(redis6.0.1)
一,linux平台上redis6的安装 请参见这一篇: https://www.cnblogs.com/architectforest/p/12830056.html 说明:刘宏缔的架构森林是一个专注 ...
- python去除特殊字符
去除数字,特殊字符,只保留汉字 ? 1 2 3 4 5 6 7 8 import re s = '1123*#$ 中abc国' str = re.sub('[a-zA-Z0-9'!"# ...
- centos6.8 架设 Telnet 服务
centos6.8 架设 Telnet 非常简单 百度云下载RPM,然后上传到服务器 链接:https://pan.baidu.com/s/1w91HBf1TOJsZsqBMQnO7tA 提取码:au ...
- 市场清仓价格算法 python求矩阵不同行不同列元素和的最大值
问题描述 求矩阵不同行不同列元素和的最大值(最小值) 问题求解 1.通过scipy库求解 scipy.optimize库中的linear_sum_assignment方法可以求解 输入一个矩阵,参数m ...
- 关于overflow的理解
overflow会把超出父盒子的部分继续不同修改 在这我只执行一个常用属性值 原始代码如下(未设置overflow前): 执行结果: 设置后运行结果: