
weblogic SSL證書錯誤 FATAL Alert:BAD_CERTIFICATE

 最近專案需要通過 HTTPS 協議從 CyberArk 獲取密碼。程式碼寫完之後,WebLogic 提示如下錯誤: FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificat.

隨後在網上查閱相關資料,修改WebLogic配置檔案setDomainEnv.cmd,增加一個JVM啟動引數: -DUseSunHttpHandler=true。本地環境正常啟動,但部署到測試環境後啟動報錯,還是同一個錯誤。原因是部署環境的setDomainEnv.cmd沒有設定UseSunHttpHandler為true。聯絡部署同事後被告知,不能隨意修改部署環境上的WebLogic檔案。

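繼續百度並嘗試之後,通過修改程式碼解決:讓呼叫所用的HttpURLConnection信任所有證書。需要注意,這種做法同時關閉了伺服器證書鏈校驗和主機名校驗,連線無法再確認對端身份,而這條連線傳輸的正是密碼;更穩妥的做法是把服務端證書(或其簽發CA)匯入信任庫,只信任該證書,並保留預設的主機名校驗。程式碼如下: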

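	/**
	 * Requests the password for {@code object} by POSTing a JSON body to the URL
	 * configured under {@code SecurityConstants.PIDMS_CCP_URL} (per the article,
	 * a CyberArk endpoint) and decrypting the {@code PASSWORD} field of the reply.
	 *
	 * <p>SECURITY: the connection is passed through {@code trustAllCertificates},
	 * so the server is not authenticated. The returned secret is only as
	 * trustworthy as the network path; see the note at the call site.
	 *
	 * @param object name of the object whose password is requested
	 * @return the decrypted password, or {@code null} when {@code object} is
	 *         {@code null}, the reply's {@code code} is not {@code "200"}, or
	 *         any exception occurs
	 */
	private static String getPasswordByHttps(String object) {
		if (object == null) {
			logger.info("object is required...");
			return null;
		}

		HttpURLConnection connection = null;
		try {
			Map<String, Object> param = new HashMap<String, Object>();
			param.put(SecurityConstants.APP_ID, PptPropsUtils
					.getValueFromProperties(SecurityConstants.APPID));
			param.put(SecurityConstants.SAFE, PptPropsUtils
					.getValueFromProperties(SecurityConstants.SAFE));
			param.put(SecurityConstants.FOLDER, PptPropsUtils
					.getValueFromProperties(SecurityConstants.FOLDER));
			param.put(SecurityConstants.OBJECT, object);
			param.put(SecurityConstants.REASON,
					"get password"); // the reason text is free-form

			// Binds this URL to the JDK's HTTPS handler explicitly; presumably the
			// per-URL equivalent of -DUseSunHttpHandler=true, so that the
			// container's own handler is not used -- confirm on the target server.
			java.net.URL postURL = new java.net.URL(
					null,
					PptPropsUtils
							.getValueFromProperties(SecurityConstants.PIDMS_CCP_URL),
					new sun.net.www.protocol.https.Handler());

			connection = (HttpURLConnection) postURL.openConnection();

			// SECURITY: disables certificate-chain and host-name validation for
			// this connection. Any party on the network path can then present its
			// own certificate, read the request and substitute the response.
			// Prefer an SSLContext built from a trust store that holds only the
			// endpoint's CA, and keep the default host-name verifier.
			trustAllCertificates(connection);

			connection.setDoOutput(true);
			connection.setDoInput(true);
			connection.setRequestMethod("POST");
			connection.setUseCaches(false);
			connection.setRequestProperty("Content-Type", "application/json");
			connection.connect();

			DataOutputStream out = new DataOutputStream(
					connection.getOutputStream());
			try {
				// writeBytes() keeps only the low byte of each char and would
				// corrupt non-ASCII JSON; encode explicitly, matching the reader.
				out.write(JSONObject.toJSONString(param).getBytes("utf-8"));
				out.flush();
			} finally {
				out.close();
			}

			StringBuilder sb2 = new StringBuilder();
			BufferedReader reader = new BufferedReader(new InputStreamReader(
					connection.getInputStream(), "utf-8"));
			try {
				for (String line = reader.readLine(); line != null; line = reader
						.readLine()) {
					sb2.append(line);
				}
			} finally {
				reader.close();
			}

			@SuppressWarnings("unchecked") // shape of the parsed reply is not checked here
			Map<String, Object> result = (Map<String, Object>) JSONObject
					.parse(sb2.toString());

			// password retrieved successfully
			if (result != null && "200".equals(result.get("code"))) {
				// NOTE(review): the original listing passed '1111', which is not a
				// valid Java literal and looks like a redacted placeholder. Confirm
				// the key type SecurityUtil.decrypt expects, and load the key from
				// protected configuration instead of hard-coding it.
				return SecurityUtil.decrypt(
						(String) result.get(SecurityConstants.PASSWORD), "1111");
			}
			return null;
		} catch (Exception e) {
			// Only the exception's toString() is logged; the stack trace is lost.
			logger.error("異常為: " + e);
			return null;
		} finally {
			if (connection != null) {
				connection.disconnect();
			}
		}
	}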

	// 信任所有證書
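	/**
	 * Disables TLS server authentication on {@code con}: installs a host-name
	 * verifier that accepts every name and a socket factory whose trust manager
	 * accepts every certificate chain.
	 *
	 * <p>SECURITY: after this call the connection is still encrypted, but the
	 * peer is not authenticated, so an on-path party can impersonate the server.
	 * This is a diagnostic workaround, not a fix for a certificate error. The
	 * validating alternative is to initialise a {@code TrustManagerFactory} with
	 * a {@code KeyStore} that contains the server's CA certificate, build the
	 * {@code SSLContext} from its trust managers, and leave the default
	 * host-name verifier in place.
	 *
	 * @param con connection to reconfigure; must be an {@link HttpsURLConnection}
	 * @throws NoSuchAlgorithmException if no provider supplies the requested
	 *         {@code SSLContext} protocol
	 * @throws KeyManagementException if the {@code SSLContext} cannot be initialised
	 * @throws ClassCastException if {@code con} is not an HTTPS connection
	 */
	private static void trustAllCertificates(HttpURLConnection con)
			throws NoSuchAlgorithmException, KeyManagementException {

		HttpsURLConnection https = (HttpsURLConnection) con;

		// Accepts any host name, whatever names the certificate carries.
		https.setHostnameVerifier(new HostnameVerifier() {
			@Override
			public boolean verify(String hostname, SSLSession session) {
				return true;
			}
		});

		// Trust manager that never rejects a chain.
		TrustManager ignoreCertificationTrustManger = new X509TrustManager() {

			@Override
			public void checkClientTrusted(X509Certificate[] certificates,
					String authType) throws CertificateException {
				// intentionally empty: returning normally means "trusted"
			}

			@Override
			public void checkServerTrusted(X509Certificate[] ax509certificate,
					String s) throws CertificateException {
				// intentionally empty: returning normally means "trusted"
			}

			@Override
			public X509Certificate[] getAcceptedIssuers() {
				// The interface documents a non-null array; the original returned null.
				return new X509Certificate[0];
			}

		};

		// "TLS" is the standard context name; the original asked for the legacy "SSL".
		TrustManager[] tm = { ignoreCertificationTrustManger };
		SSLContext sslContext = SSLContext.getInstance("TLS");
		sslContext.init(null, tm, new java.security.SecureRandom());

		// Install the socket factory produced by that context on this connection only.
		SSLSocketFactory ssf = sslContext.getSocketFactory();
		https.setSSLSocketFactory(ssf);

	}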