Java如何实现通过证书访问Https请求

Java如何实现通过证书访问Https请求

目录java通过证书访问Https请求创建证书管理器类调用测试工具类https请求绕过证书检测

Java通过证书访问Https请求

创建证书管理器类

import java.io.FileInputStream;

import java.security.KeyStore;

import java.security.cert.CertificateException;

import java.security.cert.X509Certificate;

import javax.net.ssl.TrustManager;

import javax.net.ssl.TrustManagerFactory;

import javax.net.ssl.X509TrustManager;

public class MyX509TrustManager implements X509TrustManager{

X509TrustManager sunjsSEX509TrustManager;

MyX509TrustManager(String keystoreFile,String pass) throws Exception {

KeyStore ks = KeyStore.getInstance("JKS");

ks.load(new FileInputStream(keystoreFile), pass.toCharArray());

TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509", "SunJSSE");

tmf.init(ks);

TrustManager tms [] = tmf.getTrustManagers();

for (int i = 0; i < tms.length; i++) {

if (tms[i] instanceof X509TrustManager) {

sunJSSEX509TrustManager = (X509TrustManager) tms[i];

return;

}

}

throw new Exception("Couldn't initialize");

}

@Override

public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {

try {

sunJSSEX509TrustManager.checkClientTrusted(chain, authType);

} catch (CertificateException excep) {

excep.printStackTrace();

}

}

@Override

public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {

try {

sunJSSEX509TrustManager.checkServerTrusted(chain, authType);

} catch (CertificateException excep) {

excep.printStackTrace();

}

}

@Override

public X509Certificate[] getAcceptedIssuers() {

return sunJSSEX509TrustManager.getAcceptedIssuers();

}

}

调用测试

import java.io.BufferedReader;

import java.io.InputStreamReader;

import java.io.OutputStreamWriter;

import java.io.PrintWriter;

import java.net.URL;

import javax.net.ssl.HttpsURLConnection;

import javax.net.ssl.SSLContext;

import javax.net.ssl.SSLSocketFactory;

import javax.net.ssl.TrustManager;

public class HttpsCaTest {

public static void http://main(String[] args) throws Exception {

String keystoreFile = "D:\\tomcat.keystore";

String keystorePass = "ldysjhj";

//设置可通过ip地址访问https请求

HttpsURLConnection.setDefaultHostnameVerifier(new NullHostNameVerifier());

// 创建SSLContext对象，并使用我们指定的信任管理器初始化

TrustManager[] tm = { new MyX509TrustManager(keystoreFile,keystorePass) };

SSLContext sslContext = SSLContext.getInstance("TLS");

sslContext.init(null, tm, new java.security.SecureRandom());

// 从上述SSLContext对象中得到SSLSocketFactory对象

SSLSocketFactory ssf = sslContext.getSocketFactory();

String urlStr = "https://192.168.1.10/login_queryLkBySfmc.htm";

URL url = new URL(urlStr);

HttpsURLConnection con = (HttpsURLConnection) url.openConnection();

con.setSSLSocketFactory(ssf);

con.setRequestMethod("POST"); // 设置以POST方式提交数据

con.setDoInput(true); // 打开输入流，以便从服务器获取数据

con.setDoOutput(true);// 打开输出流，以便向服务器提交数据

//设置发送参数

String param = "sfmc=测试";

PrintWriter out = new PrintWriter(new OutputStreamWriter(con.getOutputStream(),"UTF-8"));

out.print(param);

out.flush();

out.close();

//读取请求返回值

InputStreamReader in = new InputStreamReader(con.getInputStream(),"UTF-8");

BufferedReader bfreader = new BufferedReader(in);

String result = "";

String line = "";

while ((line = bfreader.readLine()) != null) {

result += line;

}

System.out.println("result:"+result);

}

}

工具类

import javax.net.ssl.HostnameVerifier;

import javax.net.ssl.SSLSession;

public class NullHostNameVerifier implements HostnameVerifier{

@Override

public boolean verify(String hostname, SSLSession session) {

return true;

}

}

https请求绕过证书检测

import org.apache.http.HttpEntity;

import org.apache.http.client.config.RequestConfig;

import org.apache.http.client.methods.CloseableHttpResponse;

import org.apache.http.client.methods.HttpPost;

import org.apache.http.conn.ssl.SSLConnectionSocketFactory;

import org.apache.http.entity.StringEntity;

import org.apache.http.impl.client.CloseableHttpClient;

import org.apache.http.impl.client.HttpClientBuilder;

import org.apache.http.ssl.SSLContextBuilder;

import org.apache.http.util.EntityUtils;

import javax.net.ssl.SSLContext;

public class HttpsClientUtil {

private static CloseableHttpClient httpClient;

static {

try {

SSLContext sslContext = SSLContextBuilder.create().useProtocol(SSLConnectionSocketFactory.SSL).loadTrustMaterial((x, y) -> true).build();

RequestConfig config = RequestConfig.custom().setConnectTimeout(5000).setSocketTimeout(5000).build();

httpClient = HttpClientBuilder.create().setDefaultRequestConfig(config).setSSLContext(sslContext).setSSLHostnameVerifier((x, y) -> true).build();

} catch (Exception e) {

e.printStackTrace();

}

}

public String doPost(String url, String jsonString) {

try {

HttpPost httpPost = new HttpPost(url);

StringEntity stringEntity = new StringEntity(jsonString, "utf-8");

stringEntity.setContentType("application/json");

httpPost.setEntity(stringEntity);

CloseableHttpResponse response = httpClient.execute(httpPost);

int statusCode = response.getStatusLine().getStatusCode();

if (statusCode != 200) {

httpPost.abort();

throw new RuntimeException("HttpClient,error status code :"

+ statusCode);

}

HttpEntity entity = response.getEntity();

String result = null;

if (entity != null) {

result = EntityUtils.toString(entity, "utf-8");

}

EntityUtils.consume(entity);

response.close();

return result;

} catch (Exception e) {

e.printStackTrace();

}

return null;

}

}

版权声明：本文内容由网络用户投稿，版权归原作者所有，本站不拥有其著作权，亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容，请联系我们jiasou666@gmail.com 处理，核实后本网站将在24小时内删除侵权内容。