You can do that, or you can disable the SSL validation with a fake trust-manager. I think both subjects are described in this similar question:

您可以这样做，或者您可以使用虚假的信任管理器禁用 SSL 验证。我认为这两个主题都在这个类似的问题中有所描述：

Java client certificates over HTTPS/SSL

基于 HTTPS/SSL 的 Java 客户端证书

It can be a hassle to manage many SSL cerificates: expiration, changed domains, changed issuer ++ If SSL is not that important to you I say skip it

管理许多 SSL 证书可能很麻烦：过期、更改域、更改颁发者 ++ 如果 SSL 对您来说不是那么重要，我说跳过它

Not necessarily. Your java app will need to establish a chain of trust from the server cert to the JVM's own trusted CA certs. As long as a CA cert is available that starts that chain, you should be fine. If you self sign certs, you will need to add your signing CA to the java's keystore. You do not need to import every server's certificate. Just the trusted CA certificate that signed them all if it is not already trusted.

不必要。您的 Java 应用程序将需要建立从服务器证书到 JVM 自己的可信 CA 证书的信任链。只要可以启动该链的 CA 证书，您就应该没问题。如果您对证书进行自签名，则需要将签名 CA 添加到 Java 的密钥库中。您不需要导入每个服务器的证书。如果尚未受信任，则只是对它们进行签名的受信任 CA 证书。

Import a root or intermediate CA certificate to an existing Java keystore:

将根或中间 CA 证书导入现有的 Java 密钥库：

keytool -import -trustcacerts -alias root -file Thawte.crt -keystore keystore.jks