The V1.0 software development kit (SDK) uses the HTTP protocol by default. This topic describes how to configure the SDK to use the more secure HTTPS protocol.
Configuration methods
You can configure the request protocol in two ways. The methods are listed in descending order of priority:
You can call the
setSysProtocol()method on an instance of the OpenAPI Request class. This configuration applies only to the current request. The following code provides an example:NoteEach OpenAPI operation has a unique Request class. The class name follows the `${OpenAPI}${Request}` format, such as `DescribeInstancesRequest`.
com.aliyuncs.ecs.model.v20140526.DescribeInstancesRequest request = new com.aliyuncs.ecs.model.v20140526.DescribeInstancesRequest(); request.setSysProtocol(com.aliyuncs.http.ProtocolType.HTTPS);You can call the
setProtocolType()method of thecom.aliyuncs.http.HttpClientConfigclass. This configuration takes effect globally. The following code provides an example:com.aliyuncs.http.HttpClientConfig clientConfig = com.aliyuncs.http.HttpClientConfig.getDefault(); clientConfig.setProtocolType(com.aliyuncs.http.ProtocolType.HTTPS);
By default, if you send an API request over HTTPS, the SDK enables certificate verification to verify the validity of SSL/TLS certificates. If no SSL/TLS certificate is configured in the development environment, an error that indicates the certificate verification fails is reported.
To ensure network communication security, we recommend that you enable certificate verification. If certificate verification must be disabled in the test environment, you can disable certificate verification using the following parameter settings:
com.aliyuncs.http.HttpClientConfig clientConfig = com.aliyuncs.http.HttpClientConfig.getDefault();
// Disable server-side certificate validation.
clientConfig.setIgnoreSSLCerts(true)