Https加密的实现
来源:互联网 发布:苹果6s连不上蜂窝数据 编辑:程序博客网 时间:2024/05/22 07:58
工作需要,要将原来的http连接改成https连接。
改成https连接首先需要服务器支持,服务器 支持https连接客户端才能连接成功。
具体https原理可以参考下面这几个连接
1. java官网对https加密连接的解释
http://docs.oracle.com/javase/7/docs/technotes/guides/security/jsse/JSSERefGuide.html#SecureConnSample
2. 官网指向的例子地址
http://docs.oracle.com/javase/7/docs/technotes/guides/security/jsse/samples/index.html
3. apache的地址
http://hc.apache.org/httpcomponents-client-4.5.x/tutorial/html/connmgmt.html#d5e449
4. apache例子地址
http://hc.apache.org/httpcomponents-client-ga/httpclient/examples/org/apache/http/examples/client/ClientCustomSSL.java
5. 博客中说的不错的地址
http://blog.csdn.net/kobejayandy/article/details/52433660
http://blog.csdn.net/dtlscsl/article/details/50118225
http://blog.csdn.net/llwszjj/article/details/36868177
http://blog.csdn.net/chw1989/article/details/7584995
http://410063005.iteye.com/blog/1751243
http://blog.csdn.net/rongyongfeikai2/article/details/41659353/
6.加密相关术语的官方解释
http://docs.oracle.com/javase/7/docs/technotes/guides/security/StandardNames.html#SSLContext
上面这些都是我在了解java开发https连接服务器觉得有用的链接,前4个都是英文的,这个最权威了,不过,对英文不好的人就难度有些大,
第5个都是相关博客总结的,可以帮助大家理解。
我在学习的过程写的代码:
其实是我抄的:
代码来源是 http://fishhappy365.iteye.com/blog/963876
首先是服务器端的:
import java.io.BufferedReader;import java.io.FileInputStream;import java.io.InputStreamReader;import java.io.PrintWriter;import java.net.Socket;import java.security.KeyStore;import javax.net.ssl.KeyManagerFactory;import javax.net.ssl.SSLContext;import javax.net.ssl.SSLServerSocket;import javax.net.ssl.SSLServerSocketFactory;import javax.net.ssl.SSLSocket;/* * 打开命令行输入 keytool -genkey -keystore SSLKey -keyalg rsa -alias SSL * 第一个参数是要生成的证书的名字,第二个参数是证书的别名。rsa指明了我们使用的加密方法。 * 系统会要求输入证书发放者的信息,逐项输入即可。 */public class Main006_SSLServer {static int port = 8456; // 系统将要监听的端口号static SSLServerSocket server;/* * 构造函数 */public Main006_SSLServer() {}/* * @param port 监听的端口号 * * @return 返回一个SSLServerSocket对象 */private static SSLServerSocket getServerSocket(int thePort) {SSLServerSocket s = null;try { String key = "C:/rsatemp/SSLKey"; // 证书的位置char keyStorePass[] = "123456".toCharArray(); // 证书密码(生成证书时输入的)char keyPassword[] = "123456".toCharArray(); // 证书别称所使用的主要密码 (生成证书时输入的)KeyStore ks = KeyStore.getInstance("JKS"); // 创建JKS密钥库ks.load(new FileInputStream(key), keyStorePass);// 创建管理JKS密钥库的X.509密钥管理器KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");kmf.init(ks, keyPassword);// 构造SSL环境,指定SSL版本为3.0,也可以使用TLSv1,但是SSLv3更加常用。SSLContext sslContext = SSLContext.getInstance("TLSv1");/* * 初始化SSL环境。第二个参数是告诉JSSE使用的可信任证书的来源, * 设置为null是从javax.net.ssl.trustStore中获得证书。 * 第三个参数是JSSE生成的随机数,这个参数将影响系统的安全性, 设置为null是个好选择,可以保证JSSE的安全性。 */sslContext.init(kmf.getKeyManagers(), null, null);// 根据上面配置的SSL上下文来产生SSLServerSocketFactory,与通常的产生方法不同SSLServerSocketFactory factory = sslContext.getServerSocketFactory();s = (SSLServerSocket) factory.createServerSocket(thePort);} catch (Exception e) {System.out.println(e);}return (s);}public static void main(String args[]) {try {server = getServerSocket(port);System.out.println("在" + port + "端口等待连接...");while (true) {SSLSocket socket = (SSLSocket) server.accept();// 将得到的socket交给CreateThread对象处理,主线程继续监听new CreateThread(socket);}} catch (Exception e) {System.out.println("main方法错误80:" + e);}}}/* * 内部类,获得主线程的socket连接,生成子线程来处理 */class CreateThread extends Thread {static BufferedReader in;static PrintWriter out;static Socket s;/* * 构造函数,获得socket连接,初始化in和out对象 */public CreateThread(Socket socket) {try {s = socket;out = new PrintWriter(s.getOutputStream(), true);in = new BufferedReader(new InputStreamReader(s.getInputStream(), "gb2312"));this.start(); // 开新线程执行run方法} catch (Exception e) {System.out.println(e);}}/* * 线程方法,处理socket传递过来的数据 */public void run() {try {String msg = in.readLine();System.out.println(msg);s.close();} catch (Exception e) {System.out.println(e);}}}
客户端的代码:
//把证书拷贝到java.home下/lib/security目录下,名字SSLKey改为jssecacerts,然后可以直接执行客户端://http://hi.baidu.com/sunjoe/blog/item/629daa3ef802edff828b13e6.htmlimport java.io.PrintWriter; import java.net.Socket; import javax.net.ssl.SSLSocketFactory; public class Main006_SSLClient {static int port = 8456; public static void main(String args[]) { try { SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory .getDefault(); Socket s = factory.createSocket("127.0.0.1", port); PrintWriter out = new PrintWriter(s.getOutputStream(), true); out.println("Hello ren zha"); out.close(); s.close(); } catch (Exception e) { System.out.println(e); } }}
下面是我使用apache的httpClient模拟客户端请求的代码
package com.chinasofti.vtmsln.httpclient.bean;import java.security.cert.CertificateException;import java.security.cert.X509Certificate;import javax.net.ssl.SSLContext;import javax.net.ssl.TrustManager;import javax.net.ssl.X509TrustManager;import org.apache.http.HttpEntity;import org.apache.http.client.methods.HttpPost;import org.apache.http.conn.ssl.NoopHostnameVerifier;import org.apache.http.conn.ssl.SSLConnectionSocketFactory;import org.apache.http.entity.ContentType;import org.apache.http.entity.mime.MultipartEntityBuilder;import org.apache.http.entity.mime.content.StringBody;import org.apache.http.impl.client.CloseableHttpClient;import org.apache.http.impl.client.HttpClients;public class httpsClientTest {public static void main(String[] args) throws Exception {X509TrustManager x509TrustManager = new X509TrustManager(){@Overridepublic void checkClientTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {}@Overridepublic void checkServerTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {}@Overridepublic X509Certificate[] getAcceptedIssuers() {return new X509Certificate[] {};}};SSLContext sslContext = SSLContext.getInstance("SSL");sslContext.init(null, new TrustManager[]{x509TrustManager}, null); SSLConnectionSocketFactory ssf = new SSLConnectionSocketFactory(sslContext, new String[] { "TLSv1" }, null, NoopHostnameVerifier.INSTANCE); /*CloseableHttpClient httpClient = HttpClients.custom() .setSSLHostnameVerifier(SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER) .setSSLSocketFactory(ssf).build();*/ CloseableHttpClient httpClient = new HttpClientFactoryBean().getObject(); HttpPost httppost = new HttpPost("https://www.cctv.com"); StringBody userPwd = new StringBody("password", ContentType.TEXT_PLAIN); StringBody userId = new StringBody("monitor01", ContentType.TEXT_PLAIN); StringBody userType = new StringBody("user", ContentType.TEXT_PLAIN); HttpEntity reqEntity = MultipartEntityBuilder.create() .addPart("userPwd", userPwd).addPart("userId", userId).addPart("userType", userType) .build(); httppost.setEntity(reqEntity); httpClient.execute(httppost); }}
当然,报错也会有
关于这个报错
Received fatal alert: handshake_failure through SSLHandshakeException
https://stackoverflow.com/questions/6353849/received-fatal-alert-handshake-failure-through-sslhandshakeexception
以上就是我对https的学习过程觉得有价值的资料,希望对看到的人有帮助。
- https加密的实现
- Https加密的实现
- JAVA基于HTTPS的加密远程调用的实现.
- JAVA基于HTTPS的加密远程调用的实现
- JAVA基于HTTPS的加密远程调用的实现
- https 加密通信实现示例
- nginx+apache实现网站的ssl加密(https)
- 依据HTTPS中TLS/SSL加密原理衍生的数据加密实现
- HTTPS 是怎么加密的
- https的加密解密过程
- HTTPS加密套件的笔记
- Java实现HTTPS加密、解密过程
- 从https的实现看数字证书、SSL、数字签名、摘要算法、对称/非对称加密
- 如何发布加密协议https://的网站
- Java中请求HTTPS加密的源代码
- Java中请求HTTPS加密的源代码
- 关于网站https 加密的影响
- 数字签名是什么?https加密通信的理解。
- AI时代职场人何去何从?五大葩王带你深入解读
- 雾霾压境,你真的选对了空气净化器吗?
- 百度云的使命:AI赋能企业的快速通道
- 进击的雷神科技:新三板首支“游戏生态”概念股,掀新国货浪潮
- 高德打造全民出行节 十一出游“心不堵”
- Https加密的实现
- 你信奉规模效应,还是网络效应?
- 未来品牌将如何开展竞争?个性化体验或成新焦点
- 在苹果中玩转Windows:Parallels Desktop 13 for Mac轻体验
- 音响发烧友福音!亚马逊中国“国际品质悦听馆”上线
- 游戏玩家们,《绝地求生》国际邀请赛终于来啦!
- Redis 使用
- SpringMVC实现原理和代码解读
- Linux 中java程序获取系统时间跟Linux服务器时间不一致问题