Java如何实现通过证书访问Https请求

目录

  • Java通过证书访问Https请求
    • 创建证书管理器类
    • 调用测试
    • 工具类
  • https请求绕过证书检测

    Java通过证书访问Https请求
    创建证书管理器类
    import java.io.FileInputStream; import java.security.KeyStore; import java.security.cert.CertificateException; import java.security.cert.X509Certificate; import javax.net.ssl.TrustManager; import javax.net.ssl.TrustManagerFactory; import javax.net.ssl.X509TrustManager; public class MyX509TrustManager implements X509TrustManager{ X509TrustManager sunJSSEX509TrustManager; MyX509TrustManager(String keystoreFile,String pass) throws Exception { KeyStore ks = KeyStore.getInstance("JKS"); ks.load(new FileInputStream(keystoreFile), pass.toCharArray()); TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509", "SunJSSE"); tmf.init(ks); TrustManager tms [] = tmf.getTrustManagers(); for (int i = 0; i < tms.length; i++) { if (tms[i] instanceof X509TrustManager) { sunJSSEX509TrustManager = (X509TrustManager) tms[i]; return; } } throw new Exception("Couldn't initialize"); } @Overridepublic void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { try { sunJSSEX509TrustManager.checkClientTrusted(chain, authType); } catch (CertificateException excep) { excep.printStackTrace(); } } @Overridepublic void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { try { sunJSSEX509TrustManager.checkServerTrusted(chain, authType); } catch (CertificateException excep) { excep.printStackTrace(); }} @Overridepublic X509Certificate[] getAcceptedIssuers() { return sunJSSEX509TrustManager.getAcceptedIssuers(); } }

    【Java如何实现通过证书访问Https请求】
    调用测试
    import java.io.BufferedReader; import java.io.InputStreamReader; import java.io.OutputStreamWriter; import java.io.PrintWriter; import java.net.URL; import javax.net.ssl.HttpsURLConnection; import javax.net.ssl.SSLContext; import javax.net.ssl.SSLSocketFactory; import javax.net.ssl.TrustManager; public class HttpsCaTest { public static void main(String[] args) throws Exception { String keystoreFile = "D:\\tomcat.keystore"; String keystorePass = "ldysjhj"; //设置可通过ip地址访问https请求HttpsURLConnection.setDefaultHostnameVerifier(new NullHostNameVerifier()); // 创建SSLContext对象,并使用我们指定的信任管理器初始化 TrustManager[] tm = { new MyX509TrustManager(keystoreFile,keystorePass) }; SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(null, tm, new java.security.SecureRandom()); // 从上述SSLContext对象中得到SSLSocketFactory对象 SSLSocketFactory ssf = sslContext.getSocketFactory(); String urlStr = "https://192.168.1.10/login_queryLkBySfmc.htm"; URL url = new URL(urlStr); HttpsURLConnection con = (HttpsURLConnection) url.openConnection(); con.setSSLSocketFactory(ssf); con.setRequestMethod("POST"); // 设置以POST方式提交数据con.setDoInput(true); // 打开输入流,以便从服务器获取数据con.setDoOutput(true); // 打开输出流,以便向服务器提交数据//设置发送参数String param = "sfmc=测试"; PrintWriter out = new PrintWriter(new OutputStreamWriter(con.getOutputStream(),"UTF-8")); out.print(param); out.flush(); out.close(); //读取请求返回值 InputStreamReader in = new InputStreamReader(con.getInputStream(),"UTF-8"); BufferedReader bfreader = new BufferedReader(in); String result = ""; String line = ""; while ((line = bfreader.readLine()) != null) {result += line; } System.out.println("result:"+result); } }


    工具类
    import javax.net.ssl.HostnameVerifier; import javax.net.ssl.SSLSession; public class NullHostNameVerifier implements HostnameVerifier{ @Overridepublic boolean verify(String hostname, SSLSession session) {return true; }}


    https请求绕过证书检测
    import org.apache.http.HttpEntity; import org.apache.http.client.config.RequestConfig; import org.apache.http.client.methods.CloseableHttpResponse; import org.apache.http.client.methods.HttpPost; import org.apache.http.conn.ssl.SSLConnectionSocketFactory; import org.apache.http.entity.StringEntity; import org.apache.http.impl.client.CloseableHttpClient; import org.apache.http.impl.client.HttpClientBuilder; import org.apache.http.ssl.SSLContextBuilder; import org.apache.http.util.EntityUtils; import javax.net.ssl.SSLContext; public class HttpsClientUtil { private static CloseableHttpClient httpClient; static {try {SSLContext sslContext = SSLContextBuilder.create().useProtocol(SSLConnectionSocketFactory.SSL).loadTrustMaterial((x, y) -> true).build(); RequestConfig config = RequestConfig.custom().setConnectTimeout(5000).setSocketTimeout(5000).build(); httpClient = HttpClientBuilder.create().setDefaultRequestConfig(config).setSSLContext(sslContext).setSSLHostnameVerifier((x, y) -> true).build(); } catch (Exception e) {e.printStackTrace(); }} public String doPost(String url, String jsonString) {try {HttpPost httpPost = new HttpPost(url); StringEntity stringEntity = new StringEntity(jsonString, "utf-8"); stringEntity.setContentType("application/json"); httpPost.setEntity(stringEntity); CloseableHttpResponse response = httpClient.execute(httpPost); int statusCode = response.getStatusLine().getStatusCode(); if (statusCode != 200) {httpPost.abort(); throw new RuntimeException("HttpClient,error status code :"+ statusCode); }HttpEntity entity = response.getEntity(); String result = null; if (entity != null) {result = EntityUtils.toString(entity, "utf-8"); }EntityUtils.consume(entity); response.close(); return result; } catch (Exception e) {e.printStackTrace(); }return null; }}

    以上为个人经验,希望能给大家一个参考,也希望大家多多支持脚本之家。

      推荐阅读