From ac3b0cb652066eaa3bac1418adbab11fbe1c7bc9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=A5=8B=E6=96=97=E7=9A=84=E5=B0=8F=E6=9E=9C?=
 <52897691+haonange1314@users.noreply.github.com>
Date: Wed, 28 Dec 2022 10:40:56 +0800
Subject: [PATCH] =?UTF-8?q?fix:=E8=A7=A3=E5=86=B3=E5=86=85=E9=83=A8?=
 =?UTF-8?q?=E8=87=AA=E7=AD=BE=E8=AF=81=E4=B9=A6https=E5=8D=8F=E8=AE=AEurl?=
 =?UTF-8?q?=E6=96=87=E4=BB=B6=E6=97=A0=E6=B3=95=E4=B8=8B=E8=BD=BD=E7=9A=84?=
 =?UTF-8?q?=E9=97=AE=E9=A2=98=20(#396)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Co-authored-by: 鞠玉果 <juyg5@chinaunicom.cn>
---
 .../java/cn/keking/utils/DownloadUtils.java   |  6 +++
 .../main/java/cn/keking/utils/SslUtils.java   | 42 +++++++++++++++++++
 2 files changed, 48 insertions(+)
 create mode 100644 server/src/main/java/cn/keking/utils/SslUtils.java

diff --git a/server/src/main/java/cn/keking/utils/DownloadUtils.java b/server/src/main/java/cn/keking/utils/DownloadUtils.java
index 2ff9401c..2629b238 100644
--- a/server/src/main/java/cn/keking/utils/DownloadUtils.java
+++ b/server/src/main/java/cn/keking/utils/DownloadUtils.java
@@ -35,6 +35,12 @@ public class DownloadUtils {
      * @return 本地文件绝对路径
      */
     public static ReturnResponse<String> downLoad(FileAttribute fileAttribute, String fileName) {
+        // 忽略ssl证书
+        try {
+            SslUtils.ignoreSsl();
+        } catch (Exception e) {
+            logger.error("忽略SSL证书异常:", e);
+        }
         String urlStr = fileAttribute.getUrl().replaceAll("\\+", "%20");
         ReturnResponse<String> response = new ReturnResponse<>(0, "下载成功!!!", "");
         String realPath = DownloadUtils.getRelFilePath(fileName, fileAttribute);
diff --git a/server/src/main/java/cn/keking/utils/SslUtils.java b/server/src/main/java/cn/keking/utils/SslUtils.java
new file mode 100644
index 00000000..d42b88ab
--- /dev/null
+++ b/server/src/main/java/cn/keking/utils/SslUtils.java
@@ -0,0 +1,42 @@
+package cn.keking.utils;
+
+import javax.net.ssl.*;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
+
+/**
+ * @author 鞠玉果
+ */
+public class SslUtils {
+
+    private static void trustAllHttpsCertificates() throws Exception {
+        TrustManager[] trustAllCerts = new TrustManager[1];
+        TrustManager tm = new miTM();
+        trustAllCerts[0] = tm;
+        SSLContext sc = SSLContext.getInstance("SSL");
+        sc.init(null, trustAllCerts, null);
+        HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
+    }
+
+    static class miTM implements TrustManager, X509TrustManager {
+        public X509Certificate[] getAcceptedIssuers() {
+            return null;
+        }
+
+        public void checkServerTrusted(X509Certificate[] certs, String authType) throws CertificateException {
+        }
+
+        public void checkClientTrusted(X509Certificate[] certs, String authType) throws CertificateException {
+        }
+    }
+
+    /**
+     * 忽略HTTPS请求的SSL证书，必须在openConnection之前调用
+     */
+    public static void ignoreSsl() throws Exception {
+        HostnameVerifier hv = (urlHostName, session) -> true;
+        trustAllHttpsCertificates();
+        HttpsURLConnection.setDefaultHostnameVerifier(hv);
+    }
+
+}