我使用以下 TrustManager 在我的 Java 应用程序中接受来自本地测试服务器的自签名证书:
public class CertificateAcceptor {
private TrustManager[] createTrustManager() {
TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
public X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
// leave blank to trust every client
}
public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
// leave blank to trust every client
}
}};
return trustAllCerts;
}
我对此有一些安全问题,因为据我所知,它只接受所有证书。所以我问自己是否有办法只接受来自 localhost 端口 9443 的证书?