apache httpclient使用https代理：peer not authenticated

Question

我試圖使用apache httpclient 4.1在hidemyass.com（https://hidemyass.com/proxy-list/search-225434）上使用免費https-proxy-servers的大名單之一。現在我已經嘗試過幾乎所有的人，但我總是得到javax.net.ssl.SSLPeerUnverifiedException：同行不認證 ，所以我用Google搜索，結果發現，沒有任何服務器等證書，例如：

> openssl s_client -tls1 -showcerts -connect 109.75.178.230:3128 
CONNECTED(00000003) 
139856907785896:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:337: 

no peer certificate available 

No client certificate CA names sent 

SSL handshake has read 5 bytes and written 7 bytes 

New, (NONE), Cipher is (NONE) 
Secure Renegotiation IS NOT supported 
Compression: NONE 
Expansion: NONE 
SSL-Session: 
    Protocol : TLSv1 
    Cipher : 0000 
    Session-ID: 
    Session-ID-ctx: 
    Master-Key: 
    Key-Arg : None 
    PSK identity: None 
    PSK identity hint: None 
    SRP username: None 
    Start Time: 1393183549 
    Timeout : 7200 (sec) 
    Verify return code: 0 (ok) 

當我試圖切換到http的工作，但在hidemyass上的代理列表中的類型是https。所以我現在不知道該怎麼做......請幫忙。

如果你需要看看我的代碼：http://paste.debian.net/83674/

Answer 1

所以，如果你確定你可以信任的所有證書如下

final TrustStrategy trustStrategy = new TrustStrategy() { 

     @Override 
     public boolean isTrusted(final X509Certificate[] chain, final String authType) throws CertificateException { 
      return true; 
     } 
    }; 
    SSLContext sslcontext = null; 
    try { 
     sslcontext = SSLContexts.custom().loadTrustMaterial(null, trustStrategy).build(); 
    } catch (KeyManagementException | NoSuchAlgorithmException | KeyStoreException e) { 
     // TODO Auto-generated catch block 
     e.printStackTrace(); 
    } 
    socketFactory = new SSLConnectionSocketFactory(sslcontext, SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); 

你了HTTPClient使用，然後創建

httpClient = HttpClients.custom().setSSLSocketFactory(socketFactory).build(); 

這將確保所有https呼叫的證書都可信 但確保您只呼叫受信任的站點