Java实现通过证书访问Https请求-蒲公英云

Java实现通过证书访问Https请求

创建证书管理器类

import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
public class MyX509TrustManager implements X509TrustManager{
    X509TrustManager sunJSSEX509TrustManager; 
    MyX509TrustManager(String keystoreFile,String pass) throws Exception { 
        KeyStore ks = KeyStore.getInstance("JKS"); 
        ks.load(new FileInputStream(keystoreFile), pass.toCharArray()); 
        TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509", "SunJSSE"); 
        tmf.init(ks); 
        TrustManager tms [] = tmf.getTrustManagers(); 
        for (int i = 0; i < tms.length; i++) { 
            if (tms[i] instanceof X509TrustManager) { 
                sunJSSEX509TrustManager = (X509TrustManager) tms[i]; 
                return; 
            } 
        } 
        throw new Exception("Couldn't initialize"); 
    }
    @Override
    public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
    try { 
            sunJSSEX509TrustManager.checkClientTrusted(chain, authType); 
        } catch (CertificateException excep) { 
            excep.printStackTrace();
        }    
    }
    @Override
    public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
    try { 
            sunJSSEX509TrustManager.checkServerTrusted(chain, authType); 
        } catch (CertificateException excep) { 
            excep.printStackTrace();
        }        
    }
    @Override
    public X509Certificate[] getAcceptedIssuers() {
    return sunJSSEX509TrustManager.getAcceptedIssuers();
    }
}

调用测试

import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.io.PrintWriter;
import java.net.URL;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
public class HttpsCaTest {
    public static void main(String[] args) throws Exception {    
    String keystoreFile = "D:\\tomcat.keystore";
        String keystorePass = "ldysjhj";
        //设置可通过ip地址访问https请求
        HttpsURLConnection.setDefaultHostnameVerifier(new NullHostNameVerifier());
        // 创建SSLContext对象，并使用我们指定的信任管理器初始化 
        TrustManager[] tm = { new MyX509TrustManager(keystoreFile,keystorePass) }; 
        SSLContext sslContext = SSLContext.getInstance("TLS"); 
        sslContext.init(null, tm, new java.security.SecureRandom()); 
        // 从上述SSLContext对象中得到SSLSocketFactory对象 
        SSLSocketFactory ssf = sslContext.getSocketFactory();
        String urlStr = "https://192.168.1.10/login_queryLkBySfmc.htm";
        URL url = new URL(urlStr);
        HttpsURLConnection con = (HttpsURLConnection) url.openConnection(); 
        con.setSSLSocketFactory(ssf); 
        con.setRequestMethod("POST"); // 设置以POST方式提交数据
        con.setDoInput(true); // 打开输入流，以便从服务器获取数据
        con.setDoOutput(true);// 打开输出流，以便向服务器提交数据
        //设置发送参数
        String param = "sfmc=测试";
        PrintWriter out = new PrintWriter(new OutputStreamWriter(con.getOutputStream(),"UTF-8"));
        out.print(param);          
        out.flush();
        out.close();
        //读取请求返回值
    InputStreamReader in = new InputStreamReader(con.getInputStream(),"UTF-8");
    BufferedReader bfreader = new BufferedReader(in);
    String result = "";
    String line = "";
    while ((line = bfreader.readLine()) != null) {
        result += line;
    }
    System.out.println("result:"+result);
    }
}

工具类：

import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLSession;
public class NullHostNameVerifier implements HostnameVerifier{
    @Override
    public boolean verify(String hostname, SSLSession session) {
        return true;
    }
}