httpclient 4.5.2 https协议时忽略服务器证书
2016-10-09 16:58
495 查看
1maven dependence dependency> groupId>org.apache.httpcomponentsgroupId> artifactId>httpclientartifactId> version>4.5.2version> dependency> 2. 测试类 package com.iraid.test; import java.io.BufferedReader; import java.io.File; import java.io.FileInputStream; import java.io.IOException; import java.io.InputStream; import java.io.InputStreamReader; import java.security.KeyStore; import javax.net.ssl.SSLContext; import org.apache.http.client.methods.CloseableHttpResponse; import org.apache.http.client.methods.HttpPost; import org.apache.http.config.Registry; import org.apache.http.config.RegistryBuilder; import org.apache.http.conn.HttpClientConnectionManager; import org.apache.http.conn.socket.ConnectionSocketFactory; import org.apache.http.conn.socket.PlainConnectionSocketFactory; import org.apache.http.conn.ssl.SSLConnectionSocketFactory; import org.apache.http.conn.ssl.SSLContexts; import org.apache.http.conn.ssl.TrustSelfSignedStrategy; import org.apache.http.entity.ContentType; import org.apache.http.entity.StringEntity; import org.apache.http.impl.client.CloseableHttpClient; import org.apache.http.impl.client.HttpClients; import org.apache.http.impl.conn.PoolingHttpClientConnectionManager; import org.apache.http.util.EntityUtils; /** * 使用 httpclient4.5 进行 https 通讯, * 采用双向认证, 连接池管理connection * * @author wangfeihu * */ public class HttpClientforSSL { public static HttpClientConnectionManager CONNECTION_MANAGER = null; /** * 初始化 connection manager. * @param keyStoreFile * @param keyStorePass * @param trustStoreFile * @param trustStorePass * @throws Exception */ public void init(String keyStoreFile, String keyStorePass, String trustStoreFile, String trustStorePass) throws Exception { System.out.println("init conection pool..."); InputStream ksis = new FileInputStream(new File(keyStoreFile));// 私钥证书 InputStream tsis = new FileInputStream(new File(trustStoreFile));// 信任证书库 KeyStore ks = KeyStore.getInstance("PKCS12"); ks.load(ksis, keyStorePass.toCharArray()); KeyStore ts = KeyStore.getInstance("JKS"); ts.load(tsis, trustStorePass.toCharArray()); SSLContext sslContext = SSLContexts.custom() .loadKeyMaterial(ks, keyStorePass.toCharArray()) // 如果有 服务器证书 .loadTrustMaterial(ts, new TrustSelfSignedStrategy()) // 如果没有服务器证书,可以采用自定义 信任机制 // .loadTrustMaterial(null, new TrustStrategy() { // // // 信任所有 // public boolean isTrusted(X509Certificate[] arg0, // String arg1) throws CertificateException { // return true; // } // // }) .build(); SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext, new String[] { "TLSv1" }, null, SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); Registry registry = RegistryBuilder . create() .register("http", PlainConnectionSocketFactory.INSTANCE) .register("https", sslsf).build(); ksis.close(); tsis.close(); CONNECTION_MANAGER = new PoolingHttpClientConnectionManager(registry); } /** * do post * @param url * @param params * @throws Exception */ public void post(String url, String params) throws Exception { if (CONNECTION_MANAGER == null) { return; } CloseableHttpClient httpClient = HttpClients.custom() .setConnectionManager(CONNECTION_MANAGER).build(); HttpPost httpPost = new HttpPost(url); httpPost.setEntity(new StringEntity(params, ContentType.APPLICATION_JSON)); CloseableHttpResponse resp = httpClient.execute(httpPost); System.out.println(resp.getStatusLine()); InputStream respIs = resp.getEntity().getContent(); String content = convertStreamToString(respIs); System.out.println(content); EntityUtils.consume(resp.getEntity()); } public static String convertStreamToString(InputStream is) { BufferedReader reader = new BufferedReader(new InputStreamReader(is)); StringBuilder sb = new StringBuilder(); String line = null; try { while ((line = reader.readLine()) != null) { sb.append(line + "/n"); } } catch (IOException e) { e.printStackTrace(); } finally { try { is.close(); } catch (IOException e) { e.printStackTrace(); } } return sb.toString(); }
如果没有证书或者秘钥上面的init方法直接可以写成这样:
/** * httpclient4.5.2版 * 忽略服务器证书,采用信任机制 * @return */ public static HttpClientConnectionManager init(){ try { SSLContext sslContext = SSLContexts.custom().loadTrustMaterial(null, new TrustStrategy() { @Override public boolean isTrusted(X509Certificate[] arg0, String arg1) throws CertificateException { // TODO Auto-generated method stub return true; } }).build(); SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory( sslContext, new String[] { "TLSv1" }, null, SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); Registry registry = RegistryBuilder . create() .register("http", PlainConnectionSocketFactory.INSTANCE) .register("https", sslsf).build(); return new PoolingHttpClientConnectionManager(registry); } catch (Exception e) { e.printStackTrace(); } return null; }在main方法中调用getConn方法
public static void main(String[] args) { HttpClientConnectionManager clientConnectionManager = init(); if(clientConnectionManager != null){ CloseableHttpClient httpClient = HttpClients.custom().setConnectionManager(clientConnectionManager).build(); String url = "http://admod-analyse.com:8080"; getConn(httpClient, url); } }
原文地址:http://www.68iis.com/server/Linuxserver/4181_2.html
相关文章推荐
- Java 通过HttpClient 带证书方式请求Https协议网站 (Post方式带xml文档,Get以及Delete方式)
- HttpClient忽略证书访问HTTPS接口
- CloseableHttpAsyncClient忽略https的证书验证
- httpclient https忽略证书
- HttpClient忽略证书访问HTTPS接口
- httpclient忽略证书验证允许https请求
- HttpClient忽略证书访问HTTPS接口
- httpclient https忽略证书直接请求
- HttpClient忽略证书访问HTTPS接口()
- HttpClient4.x调用指定证书访问https
- 轻松把玩HttpClient之配置ssl,采用绕过证书验证实现https
- [httpclient学习]-httpclient 4.3 https信任所有证书
- 轻松把玩HttpClient之配置ssl,采用绕过证书验证实现https
- CloseableHttpClient加载证书来访问https网站
- CloseableHttpClient加载证书来访问https网站(转载)
- httpclient 无信任证书使用https
- 轻松把玩HttpClient之配置ssl,采用设置信任自签名证书实现https
- HTTP协议的介绍,Web服务器配置,虚拟主机的配置,如何用SSL实现HTTPS。
- httpclient 无信任证书使用https
- 让CentOS服务器支持https(安全http协议)