HttpClient设置忽略SSL，实现HTTPS访问, 解决Certificates does not conform to algorithm constraints

话不多说，直接上代码。

测试API:   https://api.k780.com/?app=life.time&appkey=10003&sign=b59bc3ef6191eb9f747dd4e83c99f2a4&format=json

代码：

import org.apache.http.HttpStatus;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.TrustStrategy;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.ssl.SSLContextBuilder;
import org.apache.http.util.EntityUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import javax.net.ssl.SSLContext;
import java.io.IOException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

public class TestHttps {

    private static Logger logger = LoggerFactory.getLogger(TestHttps.class);

    public static void main(String[] args) {
        CloseableHttpResponse response = null;
        CloseableHttpClient httpClient = null;
        try {
            String url = "https://api.k780.com/?app=life.time&appkey=10003&sign=b59bc3ef6191eb9f747dd4e83c99f2a4&format=json";
            httpClient = createIgnoreSSLHttpClient();
            if (httpClient == null) {
                logger.error("HttpClient create fail.");
                return;
            }
            HttpGet httpGet = new HttpGet(url);
            response = httpClient.execute(httpGet);
            int statusCode = response.getStatusLine().getStatusCode();
            if (statusCode != HttpStatus.SC_OK) {
                System.out.println("NO_OK : " + null);
            } else {
                String result = EntityUtils.toString(response.getEntity(), "UTF-8");
                System.out.println("OK : " + result);
            }
        } catch (Exception e) {
            e.printStackTrace();
        } finally {
            if (response != null) {
                try {
                    response.close();
                } catch (IOException e) {
                    e.printStackTrace();
                }
            }
            if (httpClient != null) {
                try {
                    httpClient.close();
                } catch (IOException e) {
                    e.printStackTrace();
                }
            }
        }
    }

    public static CloseableHttpClient createIgnoreSSLHttpClient() {
        try {
            SSLContext sslContext = new SSLContextBuilder().loadTrustMaterial(null, new TrustStrategy() {
                public boolean isTrusted(X509Certificate[] chain,
                                         String authType) throws CertificateException {
                    return true;
                }
            }).build();
            SSLConnectionSocketFactory sslConnectionSocketFactory = new SSLConnectionSocketFactory(sslContext, NoopHostnameVerifier.INSTANCE);
            return HttpClients.custom().setSSLSocketFactory(sslConnectionSocketFactory).build();
        } catch (Exception e) {
            e.printStackTrace();
        }
        return null;
    }
}

执行结果为： 

OK : {"success":"1","result":{"timestamp":"1572330118","datetime_1":"2019-10-29 14:21:58","datetime_2":"2019年10月29日 14时21分58秒","week_1":"2","week_2":"星期二","week_3":"周二","week_4":"Tuesday"} 

测试使用jdk1.8

可能遇到的问题（报错）：

1.  javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure

2.  javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Certificates does not conform to algorithm constraints

解决办法：

找到jdk所在目录，例如我的目录为： D:Javajdk1.8.0_131

找到java.security文件.  目录： D:Javajdk1.8.0_131jrelibsecurityjava.security

编辑该文件，将  下面几行用# 注释，后关闭IDE，后重新打开，build后再次执行即可解决。

jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, 
   DSA keySize < 1024, EC keySize < 224


jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 768, 
    EC keySize < 224