HttpClient使用SSLSocketFactory来创建SSL连接。SSLSocketFactory允许高度定制。它可以使用javax.net.ssl.SSLContext的实例作为参数,并使用它来创建定制SSL连接。
TrustManager easyTrustManager = new X509TrustManager() {@Overridepublic void checkClientTrusted(X509Certificate[] chain,String authType) throws CertificateException {// 哦,这很简单!}@Overridepublic void checkServerTrusted(X509Certificate[] chain,String authType) throws CertificateException {//哦,这很简单!}@Overridepublic X509Certificate[] getAcceptedIssuers() {return null;}};SSLContext sslcontext = SSLContext.getInstance("TLS");sslcontext.init(null, new TrustManager[] { easyTrustManager }, null);SSLSocketFactory sf = new SSLSocketFactory(sslcontext);SSLSocket socket = (SSLSocket) sf.createSocket();socket.setEnabledCipherSuites(new String[] { "SSL_RSA_WITH_RC4_128_MD5" });HttpParams params = new BasicHttpParams();params.setParameter(CoreConnectionPNames.CONNECTION_TIMEOUT, 1000L);sf.connectSocket(socket, "locahost", 443, null, -1, params);
SSLSocketFactory的定制暗示出一定程度SSL/TLS协议概念的熟悉,这个详细的解释超出了本文档的范围。请参考Java的安全套接字扩展[http://java.sun.com/j2se/1.5.0/docs/guide/
security/jsse/JSSERefGuide.html],这是javax.net.ssl.SSLContext和相关工具的详细描述