问题描述
我在Eclipse IDE中运行以下Java程序: import java.net。*;
import java.io. *;
public class HH
{
public static void main(String [] args)throws异常
{
//如果我注释掉系统属性,并且不要设置任何jvm参数,程序运行并打印出html的罚款。
System.setProperty(http.proxyHost,localhost);
System.setProperty(http.proxyPort,8888);
System.setProperty(https.proxyHost,localhost);
System.setProperty(https.proxyPort,8888);
网址x =新网址(https://www.google.com);
HttpURLConnection hc =(HttpURLConnection)x.openConnection();
hc.setRequestProperty(User-Agent,Mozilla / 5.0(Windows NT 6.0)
AppleWebKit / 535.2(KHTML,像Gecko)Chrome / 15.0.874.121 Safari / 535.2) ;
InputStream is = hc.getInputStream();
int u = 0;
byte [] kj =新字节[1024];
while((u = is.read(kj))!= - 1)
{
System.out.write(kj,0,u);
}
is.close();
}
}
如果fiddler正在运行,则会产生以下异常,无论是捕获还是不捕获:
线程主中的异常javax.net.ssl.SSLHandshakeException:sun.security.validator.ValidatorException:PKIX路径构建失败:sun.security.provider.certpath.SunCertPathBuilderException:无法找到有效的认证路径到请求的目标
在com.sun.net .ssl.internal.ssl.Alerts.getSSLException(未知源)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source)
at com.sun.net.ssl .internal.ssl.Handshaker.fatalSE(未知来源)
在com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(未知来源)
在com.sun.net.ssl.internal .ssl.ClientHandshaker.serverCertificate(未知来源)
在com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(未知来源)
在com.sun.net.ssl.internal.ssl 。H andshaker.processLoop(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl。 readRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown ...
如果我关闭fiddler,程序运行正常,没有任何例外,在我连接的url上生成html。
如果我指定 System.setProperty(https.proxyPort,443); ,而不是: System.setProperty(https.proxyPort ,8888); ,它运行并打印所有的html,没有例外,即使在提琴手打开,捕获模式,但仍然没有从提琴手捕获。
然后如果我通过eclipse的jvm参数设置这些系统属性,如: -DproxySet = true -DproxyHost = 127.0.0.1 -DproxyPort = 8888 ,同样的确切的异常再次发生,只要fidd ler应用程序正在运行,无论是捕获还是非捕获模式。如果我关闭提琴手,程序将运行得很好。
如果我使用: System.setProperty(http.proxyHost,127.0。 0.1); 而不是: System.setProperty(http.proxyHost,localhost); ,运行正常,提示程序运行没有捕获模式,也没有捕获的流量。
有人在那里,能够捕获自己的https流量与提琴手,而不是通过网络浏览器,但是通过一个java程序?什么是jvm参数,你如何设置它来做到这一点?谢谢
创建一个包含Fiddler证书的密钥库。
将此密钥库用作JVM的信任库以及代理设置。
以下是如何执行此操作:
- 导出Fiddler的根证书
- 使用此证书创建密钥库
出现提示时输入密码。这应该创建一个名为FiddlerKeystore的文件。
- 现在使用Fiddler作为代理启动JVM,这个密钥库作为信任库。你需要这些vmargs:
在eclipse运行配置中使用这些vmargs,你应该很好去。
m能够捕获从JVM发出的HTTPS请求,而不会出现此设置的任何问题。
I am running the following java program in the Eclipse IDE:
import java.net.*;
import java.io.*;
public class HH
{
public static void main(String[] args)throws Exception
{
//if i comment out the system properties, and don't set any jvm arguments, the program runs and prints out the html fine.
System.setProperty("http.proxyHost", "localhost");
System.setProperty("http.proxyPort", "8888");
System.setProperty("https.proxyHost", "localhost");
System.setProperty("https.proxyPort", "8888");
URL x=new URL("https://www.google.com");
HttpURLConnection hc=(HttpURLConnection)x.openConnection();
hc.setRequestProperty("User-Agent","Mozilla/5.0 (Windows NT 6.0)
AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.121 Safari/535.2");
InputStream is=hc.getInputStream();
int u=0;
byte[] kj=new byte[1024];
while((u=is.read(kj))!=-1)
{
System.out.write(kj,0,u);
}
is.close();
}
}
This produces the following exception, if fiddler is RUNNING, both while capturing, and not capturing:
Exception in thread "main" javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown ...
If I close fiddler, the program runs fine without any exceptions, producing the html on the url i am connecting to.
alternatively, if i specify System.setProperty("https.proxyPort", "443");, instead of: System.setProperty("https.proxyPort", "8888");, it runs and prints out all html, without exceptions, even while fiddler is open, in capturing mode, but there is still no capturing from fiddler at all.
Then if I set these system properties through eclipse's jvm arguments like: -DproxySet=true -DproxyHost=127.0.0.1 -DproxyPort=8888, the same exact exception happens again, so long as the fiddler app is running, both in capturing and non capturing mode. If i close fiddler, the program will run perfectly fine.
If i use: System.setProperty("http.proxyHost", "127.0.0.1"); instead of: System.setProperty("http.proxyHost", "localhost");, it runs fine with fiddler application running, both cap-/non capturing mode, but also NO captured traffic.
Is anyone out there, able to capture their own https traffic with fiddler, NOT through a web browser, but through a java program? What are the jvm arguments, how do you set it up to do this? thanks
Create a keystore containing the Fiddler certificate.Use this keystore as the truststore for the JVM along with the proxy settings.
Here's how to do that:
- Export Fiddler's root certificate
- Create a keystore with this certificate
Enter a password when prompted. This should create a file called FiddlerKeystore.
- Now start the JVM with Fiddler as the proxy and this keystore as the truststore. You'll need these vmargs:
Use these vmargs in your eclipse run configuration and you should be good to go.
I'm able to capture HTTPS requests made from the JVM without any issues with this setup.
这篇关于如何使用fiddler捕获https,在java中的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!