https请求

1.

package com.http.https;import java.io.BufferedReader;import java.io.InputStream;import java.io.InputStreamReader;import java.net.URL;import javax.net.ssl.HostnameVerifier;import javax.net.ssl.HttpsURLConnection;import javax.net.ssl.SSLSession;public class https {/* * 　　JSSE中，有一个信任管理器类负责决定是否信任远端的证书，这个类有如下的处理规则：                 　　⑴ 果系统属性javax.net.sll.trustStore指定了TrustStore文件，那么信任管理器就去jre安装路径下的lib/security/目录中寻找并使用这个文件来检查证书。　                 　⑵ 果该系统属性没有指定TrustStore文件，它就会去jre安装路径下寻找默认的TrustStore文件，这个文件的相对路径为：lib/security/jssecacerts。　                  　⑶ 如果 jssecacerts不存在，但是cacerts存在(它随J2SDK一起发行，含有数量有限的可信任的基本证书)，那么这个默认的TrustStore文件就是cacerts。 * */public static void main(String[] args)throws Exception{String httpsURL = "https://www.baidu.com/s?ie=utf-8&f=8&rsv_bp=0&rsv_idx=1&tn=baidu&wd=hello&rsv_pq=e78b85e100039612&rsv_t=9027wa6kGzr7FyXSksd0dKeuokX6Pzb4RAYyuvybdfHbpTODz%2BgL433gHYg&rsv_enter=1&rsv_sug3=5&rsv_sug1=4&rsv_sug7=100";//信任库地址String trustStor="F:\\Java\\jre\\lib\\security\\ccc";//设置信任库System.setProperty("javax.net.ssl.trustStore", trustStor);//设置库的密码System.setProperty("javax.net.ssl.trustStorePassword", "111111");URL myurl = new URL(httpsURL);//在https对ssl的验证处理好后，后面的就和发送http请求类似HttpsURLConnection con = (HttpsURLConnection) myurl.openConnection();//con.setHostnameVerifier(hv);//验证hostname验证器HttpsURLConnection.setDefaultHostnameVerifier(hv);InputStream ins = con.getInputStream();InputStreamReader isr = new InputStreamReader(ins);BufferedReader in = new BufferedReader(isr);String inputLine=null;while ((inputLine = in.readLine()) != null) {System.out.println(inputLine);}in.close(); }   /** * 实现用于主机名验证的基接口。  * 在握手期间，如果 URL 的主机名和服务器的标识主机名不匹配，则验证机制可以回调此接口的实现程序来确定是否应该允许此连接。 */private static HostnameVerifier hv = new HostnameVerifier() {   public boolean verify(String urlHostName, SSLSession session) {// TODO Auto-generated method stub//return urlHostName.equals(session.getPeerHost());System.out.println("Warning: URL Host: " + urlHostName + " vs. " + session.getPeerHost());return true;}};}

2 

package com.http.https;import java.io.BufferedReader;import java.io.FileInputStream;import java.io.InputStreamReader;import java.net.URL;import java.security.KeyStore;import javax.net.ssl.HostnameVerifier;import javax.net.ssl.HttpsURLConnection;import javax.net.ssl.SSLContext;import javax.net.ssl.SSLSession;import javax.net.ssl.SSLSocketFactory;import javax.net.ssl.TrustManager;import javax.net.ssl.TrustManagerFactory;public class SSL {public static void main(String[] args) throws Exception{//请求地址String httpsURL = "https://www.baidu.com/s?ie=utf-8&f=8&rsv_bp=0&rsv_idx=1&tn=baidu&wd=hello&rsv_pq=e78b85e100039612&rsv_t=9027wa6kGzr7FyXSksd0dKeuokX6Pzb4RAYyuvybdfHbpTODz%2BgL433gHYg&rsv_enter=1&rsv_sug3=5&rsv_sug1=4&rsv_sug7=100";//信任库地址String trustStor="F:\\Java\\jre\\lib\\security\\ccc";//密码 String password="111111";certTest2(trustStor,password,httpsURL);}public static void certTest2(String certDir, String passwd, String urlStr)throws Exception {//返回一个封装 SSLContextSpi 实现的新 SSLContext 对象，该实现取自指定的提供者。指定的提供者必须在安全提供者列表中注册。SSLContext sslContext = SSLContext.getInstance("SSL", "SunJSSE");TrustManager[] tms = getTms(certDir, passwd);//初始化SSLContext对象sslContext.init(null, tms, new java.security.SecureRandom());//通过SSLContext对象获取SSLContext工厂(SSLSocketFactory)SSLSocketFactory ssf = sslContext.getSocketFactory();URL url = new URL(urlStr);HttpsURLConnection.setDefaultHostnameVerifier(hv);HttpsURLConnection conn = ((HttpsURLConnection) url.openConnection());conn.setSSLSocketFactory(ssf);InputStreamReader im = new InputStreamReader(conn.getInputStream(),"GBK");BufferedReader reader = new BufferedReader(im);StringBuffer sb = new StringBuffer();String line = null;while ((line = reader.readLine()) != null) {sb.append(line + "\r\n");}System.out.println(sb);}public static TrustManager[] getTms(String dir, String keyPassword)throws Exception {//  获取默认的 TrustManagerFactory 算法名称String talg = TrustManagerFactory.getDefaultAlgorithm();//返回充当信任管理器工厂的 TrustManagerFactory 对象。TrustManagerFactory tmFact = TrustManagerFactory.getInstance(talg);//FileInputStream tfis = new FileInputStream(dir);KeyStore ts = KeyStore.getInstance("jks");ts.load(tfis, keyPassword.toCharArray());tfis.close();tmFact.init(ts);return tmFact.getTrustManagers();}/** * 实现用于主机名验证的基接口。  * 在握手期间，如果 URL 的主机名和服务器的标识主机名不匹配，则验证机制可以回调此接口的实现程序来确定是否应该允许此连接。 */private static HostnameVerifier hv = new HostnameVerifier() {public boolean verify(String hostname, SSLSession session) {// TODO Auto-generated method stubreturn hostname.equals(session.getPeerHost());}};}

3

package com.http.https;import java.io.BufferedReader;import java.io.InputStreamReader;import java.net.URL;import java.security.cert.X509Certificate;import javax.net.ssl.HostnameVerifier;import javax.net.ssl.HttpsURLConnection;import javax.net.ssl.SSLContext;import javax.net.ssl.SSLSession;import javax.net.ssl.SSLSocketFactory;import javax.net.ssl.TrustManager;import javax.net.ssl.X509TrustManager;import javax.security.cert.CertificateException;public class SSLwithoutCert {public static void main(String[] args) throws Exception{//请求地址String httpsURL = "https://www.baidu.com/s?ie=utf-8&f=8&rsv_bp=0&rsv_idx=1&tn=baidu&wd=hello&rsv_pq=e78b85e100039612&rsv_t=9027wa6kGzr7FyXSksd0dKeuokX6Pzb4RAYyuvybdfHbpTODz%2BgL433gHYg&rsv_enter=1&rsv_sug3=5&rsv_sug1=4&rsv_sug7=100";//信任库地址String trustStor="F:\\Java\\jre\\lib\\security\\cccC";//密码 //设置信任库System.setProperty("javax.net.ssl.trustStore", trustStor);//设置库的密码System.setProperty("javax.net.ssl.trustStorePassword", "111111");String password="111111";withoutCertTest(httpsURL);}public static void withoutCertTest(String urlStr) throws Exception {SSLContext sslContext = SSLContext.getInstance("SSL", "SunJSSE");TrustManager[] tms = { ignoreCertificationTrustManger };sslContext.init(null, tms, new java.security.SecureRandom());SSLSocketFactory ssf = sslContext.getSocketFactory();URL url = new URL(urlStr);HttpsURLConnection.setDefaultHostnameVerifier(hv);HttpsURLConnection conn = ((HttpsURLConnection) url.openConnection());conn.setSSLSocketFactory(ssf);InputStreamReader im = new InputStreamReader(conn.getInputStream(),"GBK");BufferedReader reader = new BufferedReader(im);StringBuffer sb = new StringBuffer();String line = null;while ((line = reader.readLine()) != null) {sb.append(line + "\r\n");}System.out.println(sb);}/* * X509证书信任管理器类的实现及应用　　在JSSE中，证书信任管理器类就是实现了接口X509TrustManager的类。我们可以自己实现该接口，让它信任我们指定的证书。　　接口X509TrustManager有下述三个公有的方法需要我们实现：　　⑴ oid checkClientTrusted(X509Certificate[] chain, String authType)    throws CertificateException　　该方法检查客户端的证书，若不信任该证书则抛出异常。由于我们不需要对客户端进行认证，因此我们只需要执行默认的信任管理器的这个方法。JSSE中，默认的信任管理器类为TrustManager。　　⑵ oid checkServerTrusted(X509Certificate[] chain, String authType)    throws CertificateException 　　该方法检查服务器的证书，若不信任该证书同样抛出异常。通过自己实现该方法，可以使之信任我们指定的任何证书。在实现该方法时，也可以简单的不做任何处理，即一个空的函数体，由于不会抛出异常，它就会信任任何证书。　　⑶ X509Certificate[] getAcceptedIssuers() 　　返回受信任的X509证书数组。 * */private static TrustManager ignoreCertificationTrustManger = new X509TrustManager() {private X509Certificate[] certificates;public void checkClientTrusted(X509Certificate certificates[],String authType) {System.out.println("certificates"+certificates);System.out.println(this.certificates);if (this.certificates == null) {this.certificates = certificates;}}public void checkServerTrusted(X509Certificate[] ax509certificate,String s) {System.out.println(ax509certificate);System.out.println(this.certificates);if (this.certificates == null) {this.certificates = ax509certificate;}}public X509Certificate[] getAcceptedIssuers() {return null;}};/** * 实现用于主机名验证的基接口。  * 在握手期间，如果 URL 的主机名和服务器的标识主机名不匹配，则验证机制可以回调此接口的实现程序来确定是否应该允许此连接。 */private static HostnameVerifier hv = new HostnameVerifier() {public boolean verify(String hostname, SSLSession session) {// TODO Auto-generated method stubreturn hostname.equals(session.getPeerHost());}};}