java,android中https请求调用使用安全的方式
来源:互联网 发布:tensorflow与spark 编辑:程序博客网 时间:2024/05/16 14:10
那遇到这种情况,怎么处理呢?有以下两种方案:
1)按照以上信任管理器的规则,将服务端的公钥导入到jssecacerts,或者是在系统属性中设置要加载的trustStore文件的路径;证书导入可以用如下命令:keytool -import -file src_cer_file –keystore dest_cer_store;至于证书可以通过浏览器导出获得;
2)、实现自己的证书信任管理器类,比如MyX509TrustManager,该类必须实现X509TrustManager接口中的三个method;然后在HttpsURLConnection中加载自定义的类,可以参见如下两个代码片段,其一为自定义证书信任管理器,其二为connect时的代码:
1)按照以上信任管理器的规则,将服务端的公钥导入到jssecacerts,或者是在系统属性中设置要加载的trustStore文件的路径;证书导入可以用如下命令:keytool -import -file src_cer_file –keystore dest_cer_store;至于证书可以通过浏览器导出获得;
2)、实现自己的证书信任管理器类,比如MyX509TrustManager,该类必须实现X509TrustManager接口中的三个method;然后在HttpsURLConnection中加载自定义的类,可以参见如下两个代码片段,其一为自定义证书信任管理器,其二为connect时的代码:
package test; import java.io.FileInputStream; import java.security.KeyStore; import java.security.cert.CertificateException; import java.security.cert.X509Certificate; import javax.net.ssl.TrustManager; import javax.net.ssl.TrustManagerFactory; import javax.net.ssl.X509TrustManager; public class MyX509TrustManager implements X509TrustManager { /* * The default X509TrustManager returned by SunX509. We'll delegate * decisions to it, and fall back to the logic in this class if the * default X509TrustManager doesn't trust it. */ X509TrustManager sunJSSEX509TrustManager; MyX509TrustManager() throws Exception { // create a "default" JSSE X509TrustManager. KeyStore ks = KeyStore.getInstance("JKS"); ks.load(new FileInputStream("trustedCerts"), "passphrase".toCharArray()); TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509", "SunJSSE"); tmf.init(ks); TrustManager tms [] = tmf.getTrustManagers(); /* * Iterate over the returned trustmanagers, look * for an instance of X509TrustManager. If found, * use that as our "default" trust manager. */ for (int i = 0; i < tms.length; i++) { if (tms[i] instanceof X509TrustManager) { sunJSSEX509TrustManager = (X509TrustManager) tms[i]; return; } } /* * Find some other way to initialize, or else we have to fail the * constructor. */ throw new Exception("Couldn't initialize"); } /* * Delegate to the default trust manager. */ public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { try { sunJSSEX509TrustManager.checkClientTrusted(chain, authType); } catch (CertificateException excep) { // do any special handling here, or rethrow exception. } } /* * Delegate to the default trust manager. */ public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { try { sunJSSEX509TrustManager.checkServerTrusted(chain, authType); } catch (CertificateException excep) { /* * Possibly pop up a dialog box asking whether to trust the * cert chain. */ } } /* * Merely pass this through. */ public X509Certificate[] getAcceptedIssuers() { return sunJSSEX509TrustManager.getAcceptedIssuers(); } } // 创建SSLContext对象,并使用我们指定的信任管理器初始化 TrustManager[] tm = { new MyX509TrustManager() }; SSLContext sslContext = SSLContext.getInstance("SSL", "SunJSSE"); sslContext.init(null, tm, new java.security.SecureRandom()); // 从上述SSLContext对象中得到SSLSocketFactory对象 SSLSocketFactory ssf = sslContext.getSocketFactory(); // 创建URL对象 URL myURL = new URL("https://ebanks.gdb.com.cn/sperbank/perbankLogin.jsp"); // 创建HttpsURLConnection对象,并设置其SSLSocketFactory对象 HttpsURLConnection httpsConn = (HttpsURLConnection) myURL.openConnection(); httpsConn.setSSLSocketFactory(ssf); // 取得该连接的输入流,以读取响应内容 InputStreamReader insr = new InputStreamReader(httpsConn.getInputStream()); // 读取服务器的响应内容并显示 int respInt = insr.read(); while (respInt != -1) { System.out.print((char) respInt); respInt = insr.read(); }
0 0
- java,android中https请求调用使用安全的方式
- Android开发中,使用https发送安全请求的实现
- Android Https的安全使用
- android Https请求的使用
- android https请求的使用
- Android Https请求调用
- Android安全使用HTTPS
- Android 安全使用HTTPS
- android 使用https请求
- java使用https请求
- 基于java 使用http-post方式请求https webservice接口
- Java中请求HTTPS加密的源代码
- Java中请求HTTPS加密的源代码
- 使用java发送https的请求
- android json实现网络请求 和普通的http请求 还有https请求安全认证
- Android支持https的处理方式1----httpclient请求https的处理方式
- java Https的请求
- Android支持https的处理方式2----HttpURLConnection请求https处理方式
- 结构体的应用
- C/C++学习笔记:基础知识4
- 为Entity Object增加安全性
- UITextField限制字数的方法
- 栈增长方向与大端/小端问题
- java,android中https请求调用使用安全的方式
- 使用数据库作为Policy Store
- poj 1953 World Cup Noise[斐波那契数列](递归及递推问题系列)
- 使用userGrantedResource和userGrantedPermission表达式
- smarty缓存技术
- poj 3107 Godfather
- ~这些年,我们一起学过的java~08~线程之Thread的基本运用~
- 使用SecurityContext.getUserRoles()获取用户的角色和组信息
- 很特别的一个动态规划入门教程