How to control SSLContext scope

2019-04-14 07:47发布

问题:

If I use the following code because I want to, for example, to change the way certificates are validated.

trm = some trust manager

SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, new TrustManager[] { trm }, null);
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());

Then this sets the SSLContext for all https connections that will be made in the future regardless of what thread. What is the cleanest way to control the scope so that I set it only for those calls I want?

回答1:

You can set the socket factory on the actual connection object that you want to have use this trust store:

HttpsURLConnection urlConnection = (HttpsURLConnection) url.openConnection();
urlConnection.setSSLSocketFactory(sc.getSocketFactory());

Do that instead of invoking setDefaultSSLSocketFactory.



标签: java http ssl