SSL编程


package jp.go.ssid.sss.common;
import java.io.BufferedOutputStream;
import java.io.BufferedReader;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.net.HttpURLConnection;
import java.net.URL;
import java.security.KeyStore;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.util.Iterator;

import javax.net.ssl.SSLSocketFactory;

import com.sun.net.ssl.HostnameVerifier;
import com.sun.net.ssl.HttpsURLConnection;
import com.sun.net.ssl.KeyManagerFactory;
import com.sun.net.ssl.SSLContext;
import com.sun.net.ssl.internal.ssl.Provider;

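/**
 * Stand-alone smoke test that fetches one HTTPS resource from a local Tomcat stub.
 *
 * <p>The program imports the server certificate(s) from a {@code .cer} file into a
 * freshly written JKS file, points the JVM-wide trust store at that file, and then
 * reads the response body through the legacy {@code com.sun.net.ssl} JSSE API.
 *
 * <p>Security notes for anyone reusing this outside a test bench:
 * <ul>
 *   <li>The trust store is rebuilt from the certificate file on every run, so whoever
 *       can write that file decides which server this client trusts.</li>
 *   <li>The certificate-name mismatch is tolerated only for {@link #STUB_HOST}; do not
 *       widen that exception to real hosts, install a certificate whose name matches
 *       instead.</li>
 * </ul>
 *
 * @author hy-he
 */
public class TestSSL {

    /** The only URL host for which a certificate-name mismatch is accepted. */
    private static final String STUB_HOST = "localhost";

    /**
     * Builds the trust store, opens the HTTPS connection and prints the response body.
     *
     * @param args unused
     * @throws Exception on any I/O, keystore or TLS failure; nothing is handled locally
     */
    public static void main(String[] args) throws Exception {
        /* Path of the exported Tomcat certificate (tomcat.cer). */
        String cert_paper = "E:/eclipse2.1/workspace/shikaku/defaultroot/stub/tomcat.cer";
        /*
         * Keystore password; it only has to match the one used when the store is read back.
         * The store written here holds certificate entries only, so a hard-coded value
         * exposes no private key, but do not copy this pattern for a store that does.
         */
        String kpwd = "changeit";
        /* File the certificates are written to (relative to the working directory). */
        String kstore = "cert_kstore";
        /* URL of the stub servlet to call. */
        String shujuURL = "https://localhost:8443/StubServ100?system_code=05";

        // Register the legacy JSSE provider and its https: protocol handler.
        // The original registered the provider a second time further down; that second
        // call was a no-op for an already installed provider and has been dropped.
        Security.addProvider(new Provider());
        System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");

        // Parse every X.509 certificate in the .cer file; close the stream even on failure.
        CertificateFactory cerFactory = CertificateFactory.getInstance("X.509");
        Iterator iter;
        FileInputStream ins = new FileInputStream(cert_paper);
        try {
            iter = cerFactory.generateCertificates(ins).iterator();
        } finally {
            ins.close();
        }

        // Start from an empty in-memory JKS store and add each certificate under the
        // aliases "1", "2", ...
        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load(null, kpwd.toCharArray());
        for (int index = 1; iter.hasNext(); index++) {
            Certificate cert = (Certificate) iter.next();
            keyStore.setCertificateEntry("" + index, cert);
        }

        // Persist the store; closing the buffered stream also flushes it.
        OutputStream outStream = new BufferedOutputStream(new FileOutputStream(kstore));
        try {
            keyStore.store(outStream, kpwd.toCharArray());
            outStream.flush();
        } finally {
            outStream.close();
        }

        // JVM-wide setting: default trust decisions now rest on the file written above.
        System.setProperty("javax.net.ssl.trustStore", kstore);

        URL urlRead = new URL(shujuURL);
        // Throws ClassCastException if the https: handler configured above was not picked up.
        HttpsURLConnection hCon = (HttpsURLConnection) urlRead.openConnection();

        // Reload the stored file and build an SSLContext from it.
        char[] passphrase = kpwd.toCharArray();
        KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
        SSLContext ctx = SSLContext.getInstance("TLS");
        KeyStore ks = KeyStore.getInstance("JKS");
        FileInputStream storeIn = new FileInputStream(kstore);
        try {
            ks.load(storeIn, passphrase);
        } finally {
            // The original never closed this stream.
            storeIn.close();
        }
        kmf.init(ks, passphrase);
        // No explicit TrustManagers are supplied (second argument is null), so server
        // validation is left to the provider defaults -- presumably the trustStore
        // property set above; confirm for the JSSE version in use.
        ctx.init(kmf.getKeyManagers(), null, null);

        SSLSocketFactory sslsf = ctx.getSocketFactory();
        hCon.setSSLSocketFactory(sslsf);

        // The verifier is consulted when the URL host and the certificate's host name do
        // not match. The original returned true for every host, which switches hostname
        // verification off entirely; the mismatch is now tolerated for the stub host only.
        HostnameVerifier hv = new HostnameVerifier() {
            public boolean verify(String hostname, String certHostname) {
                return STUB_HOST.equalsIgnoreCase(hostname);
            }
        };
        hCon.setHostnameVerifier(hv);

        // Read the XML response as text; lines are joined without separators, as before.
        StringBuffer xmldata = new StringBuffer();
        BufferedReader br = new BufferedReader(new InputStreamReader(hCon.getInputStream(), "UTF-8"));
        try {
            String line;
            while ((line = br.readLine()) != null) {
                xmldata.append(line);
            }
        } finally {
            br.close();
        }
        System.out.println(xmldata.toString());
    }
}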