java中实现https双向认证

1、在IE中访问WSDL的URL，弹出“安全警报”窗口，查看证书->详细信息标签页->复制到文件->下一步->下一步->指定文件名，将证书下载保存为.cer文件，例如：test.cer

2、用下载到的证书文件生成信任库文件：
在 keytool -import -file test.cer -storepass 111111 -keystore c:\client.truststore –noprompt

这里生成的client.truststore证书是根据cacert.cer（根证书）证书来生成的。

 

全部依赖库：
commons-logging-1.1.1.jar
httpclient-4.1.3.jar
httpcore-4.1.4.jar
httpmime-4.1.3.jar(上传文件使用)

import java.io.BufferedReader;import java.io.File;import java.io.FileInputStream;import java.io.InputStream;import java.io.InputStreamReader;import java.security.KeyStore;import org.apache.http.HttpEntity;import org.apache.http.HttpResponse;import org.apache.http.client.HttpClient;import org.apache.http.client.methods.HttpGet;import org.apache.http.conn.scheme.Scheme;import org.apache.http.conn.ssl.SSLSocketFactory;import org.apache.http.impl.client.DefaultHttpClient;import org.apache.http.util.EntityUtils;public class HttpsClient {       private static final String KEY_STORE_TYPE_JKS = "jks";    private static final String KEY_STORE_TYPE_P12 = "PKCS12";    private static final String SCHEME_HTTPS = "https";    private static final int HTTPS_PORT = 443;    private static final String HTTPS_URL = "https://192.168.6.120/index.html";    private static final String KEY_STORE_CLIENT_PATH = "F:/client.p12";    private static final String KEY_STORE_TRUST_PATH = "F:/client.truststore";    private static final String KEY_STORE_PASSWORD = "xiaozl";    private static final String KEY_STORE_TRUST_PASSWORD = "111111";    public static void main(String[] args) throws Exception {        ssl();    }       private static void ssl() throws Exception {        HttpClient httpClient = new DefaultHttpClient();        try {            KeyStore keyStore  = KeyStore.getInstance(KEY_STORE_TYPE_P12);            KeyStore trustStore  = KeyStore.getInstance(KEY_STORE_TYPE_JKS);            InputStream ksIn = new FileInputStream(KEY_STORE_CLIENT_PATH);            InputStream tsIn = new FileInputStream(new File(KEY_STORE_TRUST_PATH));            try {                keyStore.load(ksIn, KEY_STORE_PASSWORD.toCharArray());                trustStore.load(tsIn, KEY_STORE_TRUST_PASSWORD.toCharArray());            } finally {                try { ksIn.close(); } catch (Exception ignore) {}                try { tsIn.close(); } catch (Exception ignore) {}            }            SSLSocketFactory socketFactory = new SSLSocketFactory(keyStore, KEY_STORE_PASSWORD, trustStore);            Scheme sch = new Scheme(SCHEME_HTTPS, HTTPS_PORT, socketFactory);            httpClient.getConnectionManager().getSchemeRegistry().register(sch);            HttpGet httpget = new HttpGet(HTTPS_URL);            System.out.println("executing request" + httpget.getRequestLine());            HttpResponse response = httpClient.execute(httpget);            HttpEntity entity = response.getEntity();            System.out.println("----------------------------------------");            System.out.println(response.getStatusLine());            if (entity != null) {                System.out.println("Response content length: " + entity.getContentLength());                BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(entity.getContent()));                String text;                while ((text = bufferedReader.readLine()) != null) {                    System.out.println(text);                }                bufferedReader.close();            }            EntityUtils.consume(entity);        } finally {            httpClient.getConnectionManager().shutdown();        }    }}

文章来源：

http://www.blogjava.net/icewee/archive/2012/06/05/379983.html