HTTPS 客户端发送请求(三)

HTTPS 请求不忽略证书方式

加载原始keystore方式

在第一章中我们生成了一张证书,并放在了c://tomcat.keystore下,我们就使用这个证书来完成请求

package httpsClient;import java.io.BufferedReader;  import java.io.FileInputStream;  import java.io.IOException;  import java.io.InputStreamReader;  import java.net.MalformedURLException;  import java.net.URL;  import java.security.GeneralSecurityException;  import java.security.KeyStore;    import javax.net.ssl.HostnameVerifier;  import javax.net.ssl.HttpsURLConnection;  import javax.net.ssl.KeyManagerFactory;  import javax.net.ssl.SSLContext;  import javax.net.ssl.TrustManagerFactory;    public class HttpsPost {      /**      * 获得KeyStore.      * @param keyStorePath      *            密钥库路径      * @param password      *            密码      * @return 密钥库      * @throws Exception      */      public static KeyStore getKeyStore(String password, String keyStorePath)              throws Exception {          // 实例化密钥库          KeyStore ks = KeyStore.getInstance("JKS");          // 获得密钥库文件流          FileInputStream is = new FileInputStream(keyStorePath);          // 加载密钥库          ks.load(is, password.toCharArray());          // 关闭密钥库文件流          is.close();          return ks;      }        /**      * 获得SSLSocketFactory.      * @param password      *            密码      * @param keyStorePath      *            密钥库路径      * @param trustStorePath      *            信任库路径      * @return SSLSocketFactory      * @throws Exception      */      public static SSLContext getSSLContext(String password,              String keyStorePath, String trustStorePath) throws Exception {          // 实例化密钥库          KeyManagerFactory keyManagerFactory = KeyManagerFactory                  .getInstance(KeyManagerFactory.getDefaultAlgorithm());          // 获得密钥库          KeyStore keyStore = getKeyStore(password, keyStorePath);          // 初始化密钥工厂          keyManagerFactory.init(keyStore, password.toCharArray());            // 实例化信任库          TrustManagerFactory trustManagerFactory = TrustManagerFactory                  .getInstance(TrustManagerFactory.getDefaultAlgorithm());          // 获得信任库          KeyStore trustStore = getKeyStore(password, trustStorePath);          // 初始化信任库          trustManagerFactory.init(trustStore);          // 实例化SSL上下文          SSLContext ctx = SSLContext.getInstance("TLS");          // 初始化SSL上下文          ctx.init(keyManagerFactory.getKeyManagers(),                  trustManagerFactory.getTrustManagers(), null);          // 获得SSLSocketFactory          return ctx;      }        /**      * 初始化HttpsURLConnection.      * @param password      *            密码      * @param keyStorePath      *            密钥库路径      * @param trustStorePath      *            信任库路径      * @throws Exception      */      public static void initHttpsURLConnection(String password,              String keyStorePath, String trustStorePath) throws Exception {          // 声明SSL上下文          SSLContext sslContext = null;          // 实例化主机名验证接口          HostnameVerifier hnv = new MyHostnameVerifier();         try {              sslContext = getSSLContext(password, keyStorePath, trustStorePath);          } catch (GeneralSecurityException e) {              e.printStackTrace();          }          if (sslContext != null) {              HttpsURLConnection.setDefaultSSLSocketFactory(sslContext                      .getSocketFactory());          }          HttpsURLConnection.setDefaultHostnameVerifier(hnv);      }        /**      * 发送请求.      * @param httpsUrl      *            请求的地址      * @param xmlStr      *            请求的数据      */      public static void post(String httpsUrl, String xmlStr) {          HttpsURLConnection urlCon = null;          try {              urlCon = (HttpsURLConnection) (new URL(httpsUrl)).openConnection();              urlCon.setDoInput(true);              urlCon.setDoOutput(true);              urlCon.setRequestMethod("POST");              urlCon.setRequestProperty("Content-Length",                      String.valueOf(xmlStr.getBytes().length));              urlCon.setUseCaches(false);              //设置为gbk可以解决服务器接收时读取的数据中文乱码问题              urlCon.getOutputStream().write(xmlStr.getBytes("gbk"));              urlCon.getOutputStream().flush();              urlCon.getOutputStream().close();            BufferedReader in = new BufferedReader(new InputStreamReader(                      urlCon.getInputStream()));              String line;              while ((line = in.readLine()) != null) {                  System.out.println(line);              }          } catch (MalformedURLException e) {              e.printStackTrace();          } catch (IOException e) {              e.printStackTrace();          } catch (Exception e) {              e.printStackTrace();          }      }        /**      * 测试方法.      * @param args      * @throws Exception      */      public static void main(String[] args) throws Exception {          // 密码          String password = "870515";          // 密钥库          String keyStorePath = "C:\\tomcat.keystore";          // 信任库          String trustStorePath = "C:\\tomcat.keystore";          // 本地起的https服务          String httpsUrl = "https://localhost:8443/httpsDemo/hs";          // 传输文本          String xmlStr = "<?xml version=\"1.0\" encoding=\"UTF-8\"?><fruitShop><fruits><fruit><kind>萝卜</kind></fruit><fruit><kind>菠萝</kind></fruit></fruits></fruitShop>";          HttpsPost.initHttpsURLConnection(password, keyStorePath, trustStorePath);          // 发起请求          HttpsPost.post(httpsUrl, xmlStr);      }  }  

package httpsClient;import javax.net.ssl.HostnameVerifier;  import javax.net.ssl.SSLSession;    /**  * 实现用于主机名验证的基接口。   * 在握手期间，如果 URL 的主机名和服务器的标识主机名不匹配，则验证机制可以回调此接口的实现程序来确定是否应该允许此连接。  */  public class MyHostnameVerifier implements HostnameVerifier {      @Override      public boolean verify(String hostname, SSLSession session) {          if("localhost".equals(hostname)){              return true;          } else {              return false;          }      }  }  

加载导出cer方式