From 1c0e0a5bc6f7b317bd8cb5ad9baf0547d8eda63d Mon Sep 17 00:00:00 2001 From: tomsun28 Date: Sat, 2 Apr 2022 21:16:53 +0800 Subject: [PATCH] =?UTF-8?q?[collector]feature=20=E6=A3=80=E6=B5=8B?= =?UTF-8?q?=E7=BD=91=E7=AB=99SSL=E8=AF=81=E4=B9=A6=E6=98=AF=E5=90=A6?= =?UTF-8?q?=E8=BF=87=E6=9C=9F?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../collect/common/http/CommonHttpClient.java | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/collector/src/main/java/com/usthe/collector/collect/common/http/CommonHttpClient.java b/collector/src/main/java/com/usthe/collector/collect/common/http/CommonHttpClient.java index 1b792a1..1c77418 100644 --- a/collector/src/main/java/com/usthe/collector/collect/common/http/CommonHttpClient.java +++ b/collector/src/main/java/com/usthe/collector/collect/common/http/CommonHttpClient.java @@ -17,7 +17,9 @@ import javax.net.ssl.SSLContext; import javax.net.ssl.TrustManager; import javax.net.ssl.X509TrustManager; import java.security.cert.CertificateException; +import java.security.cert.CertificateExpiredException; import java.security.cert.X509Certificate; +import java.util.Date; import java.util.concurrent.TimeUnit; /** @@ -75,7 +77,18 @@ public class CommonHttpClient { @Override public void checkClientTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException { } @Override - public void checkServerTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException { } + public void checkServerTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException { + // 判断服务器证书有效期时间 + Date now = new Date(); + if (x509Certificates != null && x509Certificates.length > 0) { + for (X509Certificate certificate : x509Certificates) { + Date deadline = certificate.getNotAfter(); + if (deadline != null && now.after(deadline)) { + throw new CertificateExpiredException(); + } + } + } + } @Override public X509Certificate[] getAcceptedIssuers() { return null; } };