https下的证书信任

package org.jiahao.weixin.util;

import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

import javax.net.ssl.X509TrustManager;
/**
* 自定义信任管理器类
* @author Alvin
* 自定义信任管理器类的所有方法都是空的实现，表示信任任何服务器端、客户端的证书。
*/
public class MyX509TrustManager implements X509TrustManager {

// 检查客户端证书
@Override
public void checkClientTrusted(X509Certificate[] arg0, String arg1)
throws CertificateException {

}

// 检查服务器端证书
@Override
public void checkServerTrusted(X509Certificate[] arg0, String arg1)
throws CertificateException {

}

// 返回受信任的X509证书数组
@Override
public X509Certificate[] getAcceptedIssuers() {
return null;
}

}

一般这种方法是存在危险的，因为它能对任何https网站的证书信任，通常情况下，会在checkClientTrusted和checkServerTrusted两个方法下进行逻辑验证的处理。

/**
* 处理https GET/POST请求
*
* @param requestUrl
* 请求的地址
* @param requestMethod
* 请求的方法(GET/POST)
* @param inputString
* 请求体
* @return
*/
public static String httpsRequest(String requestUrl, String requestMethod,
String outputStr) {
StringBuffer buffer = null;
try {
// 创建SSLContext
SSLContext sslContext = SSLContext.getInstance("SSL", "SunJSSE");
TrustManager[] tm = { new MyX509TrustManager() };
// 初始化
sslContext.init(null, tm, new java.security.SecureRandom());
// 获取SSLSocketFacroty对象
SSLSocketFactory ssf = sslContext.getSocketFactory();

URL url = new URL(requestUrl);
HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
conn.setRequestMethod(requestMethod);
// 设置当前实例使用的SSLSocketFactory对象
conn.setSSLSocketFactory(ssf);
conn.connect();

// 往服务器端写内容
if (null != outputStr) {
OutputStream os = conn.getOutputStream();
os.write(outputStr.getBytes("utf-8"));
}

// 读取服务器返回的内容
InputStream is = conn.getInputStream();
InputStreamReader isr = new InputStreamReader(is, "utf-8");
BufferedReader br = new BufferedReader(isr);

buffer = new StringBuffer();
String line = null;
while ((line = br.readLine()) != null) {
buffer.append(line);
}
// System.out.println(buffer.toString());

} catch (Exception e) {
e.printStackTrace();
}
return buffer.toString();
}