程序博客网 > java websocket client

HTPPS请求 证书 解决方案

来源:互联网 发布:java websocket client 编辑:程序博客网 时间:2024/06/06 06:43

1.忽略证书

    public static String sendGetByProxy(String url, String param, String encode,String host,int port) throws Exception {        String result = "";        BufferedReader in = null;        String urlNameString = url + "?" + param;        URL realUrl = new URL(urlNameString);        if("https".equalsIgnoreCase(realUrl.getProtocol())){            SslUtils.ignoreSsl();        }        Proxy proxy = new Proxy(Proxy.Type.HTTP, new InetSocketAddress(host, port));          URLConnection connection = (URLConnection) realUrl.openConnection(proxy);        // 设置通用的请求属性        connection.setRequestProperty("accept", "*/*");        connection.setRequestProperty("connection", "Keep-Alive");        connection.setRequestProperty("user-agent","Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;SV1)");        connection.setConnectTimeout(3000);        connection.setReadTimeout(3000);        // 建立实际的连接        connection.connect();        in = new BufferedReader(new InputStreamReader(                connection.getInputStream(),encode));        String line;        while ((line = in.readLine()) != null) {            result += line;        }        try {            if (in != null) {                in.close();            }        } catch (Exception e2) {            e2.printStackTrace();        }        return result;    }
import java.security.cert.CertificateException;import java.security.cert.X509Certificate;import javax.net.ssl.HostnameVerifier;import javax.net.ssl.HttpsURLConnection;import javax.net.ssl.SSLContext;import javax.net.ssl.SSLSession;import javax.net.ssl.TrustManager;import javax.net.ssl.X509TrustManager;public class SslUtils {    private static void trustAllHttpsCertificates() throws Exception {        TrustManager[] trustAllCerts = new TrustManager[1];        TrustManager tm = new miTM();        trustAllCerts[0] = tm;        SSLContext sc = SSLContext.getInstance("SSL");        sc.init(null, trustAllCerts, null);        HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());    }    static class miTM implements TrustManager,X509TrustManager {        public X509Certificate[] getAcceptedIssuers() {            return null;        }        public boolean isServerTrusted(X509Certificate[] certs) {            return true;        }        public boolean isClientTrusted(X509Certificate[] certs) {            return true;        }        public void checkServerTrusted(X509Certificate[] certs, String authType)                throws CertificateException {            return;        }        public void checkClientTrusted(X509Certificate[] certs, String authType)                throws CertificateException {            return;        }    }    /**     * 忽略HTTPS请求的SSL证书,必须在openConnection之前调用     * @throws Exception     */    public static void ignoreSsl() throws Exception{        HostnameVerifier hv = new HostnameVerifier() {            public boolean verify(String urlHostName, SSLSession session) {                System.out.println("Warning: URL Host: " + urlHostName + " vs. " + session.getPeerHost());                return true;            }        };        trustAllHttpsCertificates();        HttpsURLConnection.setDefaultHostnameVerifier(hv);    }}

2.安装证书

2.1 代码

    public static void main(String[] args) throws Exception {        String host = "";        int port = 8888;        // 创建SSLContext对象,并使用我们指定的信任管理器初始化         TrustManager[] tm = { new MyX509TrustManager() };         SSLContext sslContext = SSLContext.getInstance("SSL", "SunJSSE");         sslContext.init(null, tm, new java.security.SecureRandom());         // 从上述SSLContext对象中得到SSLSocketFactory对象         SSLSocketFactory ssf = sslContext.getSocketFactory();         // 创建URL对象         URL myURL = new URL("");         // 创建HttpsURLConnection对象,并设置其SSLSocketFactory对象         Proxy proxy = new Proxy(Proxy.Type.HTTP, new InetSocketAddress(host, port));         HttpsURLConnection httpsConn = (HttpsURLConnection) myURL.openConnection(proxy);         httpsConn.setSSLSocketFactory(ssf);         // 取得该连接的输入流,以读取响应内容         InputStreamReader insr = new InputStreamReader(httpsConn.getInputStream());         // 读取服务器的响应内容并显示         int respInt = insr.read();         while (respInt != -1) {             System.out.print((char) respInt);             respInt = insr.read();         } 
import java.io.FileInputStream; import java.security.KeyStore; import java.security.cert.CertificateException; import java.security.cert.X509Certificate; import javax.net.ssl.TrustManager; import javax.net.ssl.TrustManagerFactory; import javax.net.ssl.X509TrustManager;import com.jfinal.kit.PathKit; public class MyX509TrustManager implements X509TrustManager {     /*      * The default X509TrustManager returned by SunX509.  We'll delegate      * decisions to it, and fall back to the logic in this class if the      * default X509TrustManager doesn't trust it.      */     X509TrustManager sunJSSEX509TrustManager;     MyX509TrustManager() throws Exception {         // create a "default" JSSE X509TrustManager.         KeyStore ks = KeyStore.getInstance("JKS");         ks.load(new FileInputStream(PathKit.getWebRootPath()+"/media/static/swzj.jks"),             "987321".toCharArray());         TrustManagerFactory tmf =         TrustManagerFactory.getInstance("SunX509", "SunJSSE");         tmf.init(ks);         TrustManager tms [] = tmf.getTrustManagers();         /*          * Iterate over the returned trustmanagers, look          * for an instance of X509TrustManager.  If found,          * use that as our "default" trust manager.          */         for (int i = 0; i < tms.length; i++) {             if (tms[i] instanceof X509TrustManager) {                 sunJSSEX509TrustManager = (X509TrustManager) tms[i];                 return;             }         }         /*          * Find some other way to initialize, or else we have to fail the          * constructor.          */         throw new Exception("Couldn't initialize");     }     /*      * Delegate to the default trust manager.      */     public void checkClientTrusted(X509Certificate[] chain, String authType)                 throws CertificateException {         try {             sunJSSEX509TrustManager.checkClientTrusted(chain, authType);         } catch (CertificateException excep) {             // do any special handling here, or rethrow exception.         }     }     /*      * Delegate to the default trust manager.      */     public void checkServerTrusted(X509Certificate[] chain, String authType)                 throws CertificateException {         try {             sunJSSEX509TrustManager.checkServerTrusted(chain, authType);         } catch (CertificateException excep) {             /*              * Possibly pop up a dialog box asking whether to trust the              * cert chain.              */         }     }     /*      * Merely pass this through.      */     public X509Certificate[] getAcceptedIssuers() {         return sunJSSEX509TrustManager.getAcceptedIssuers();     } }

2.2 证书导入jks文件

实例:P7B格式证书(证书链)导入jks文件
2.2.1 安装证书

2.2.2 导出cer格式,p7b证书,包含根证书和子证书。分别导出为 根rootca.cer和子rootcaserver.cer。

这里写图片描述

2.2.3 使用java keytool工具(jdk bin目录) 将证书 分别导入 jks文件,遇到是否信任该证书提示时,输入y。(keytool无法直接导入p7b文件)

是否信任此证书? []:  y证书已添加到密钥库中C:\Program Files\Java\jdk1.7.0_80\bin>keytool -import -alias rootcaserver -trustcacerts -file d:/rootcaserver.cer -keystore d:/test.jks输入密钥库口令:证书已添加到密钥库中C:\Program Files\Java\jdk1.7.0_80\bin>keytool -import -alias rootcaserver -trustcacerts -file d:/rootcaserver.cer -keystore d:/test.jks
1 0
java websocket client java websocket client
原创粉丝点击
热门IT博客
新日铁住金软件网站新日铁住金软件网站
hive sql数据列合并hive sql数据列合并
人类简史 知乎
c语言产生一个随机数
杨幂爱的供养 知乎
网络被挟持
linux 上传文件命令
淘宝网店收费吗
手机弹古筝软件
exec php
黑暗之魂 知乎
阿里云客服电话
excel2016数据的有效性
linux snmp命令
网站设计优化规划书
知乎 大误
雕刻机作图软件
手机建模软件中文
epub转azw3软件
淘宝管控记录是什么
热门问题 老师的惩罚 人脸识别 我在镇武司摸鱼那些年 重生之率土为王 我在大康的咸鱼生活 盘龙之生命进化 天生仙种 凡人之先天五行 春回大明朝 姑娘不必设防,我是瞎子 叙永县城图片 叙永人才招聘 叙永那里招聘 叙永林业局 四川省叙永县 四川省泸州市叙永县 四川叙永县 泸州叙永县 叙永县属于哪个市 泸州市叙永县 叙永县酒店 叙永县怎么样 叙永县在哪里 叙永县分水镇 叙永县医院 叙永县招标 叙职 叙述 叙述方式 叙述文 间接叙述 叙述顺序 叙述方法 叙述句 直接叙述句 叙述的意思 叙述文600字 间接叙述句怎么改 叙述方式有哪些 草帽团叙述错误 叙述作文600字 下列关于usb的叙述中错误的是 呼啸山庄采用什么叙述方法 洞房花烛夜分腿叙述 叚怎么读 叚加偏旁组词 红叛军 叛军 叛军夫夫 叛军 八黎

程序博客网,程序员的互联网技术博客家园。csdn论坛精品 msdn技术资料都在这里