接受指定网站的SSL证书.
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;
import java.io.*;
import java.net.HttpURLConnection;
import java.net.URL;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
...
public static void testHttpHead() throws Exception {
// load certificate
// in firefox, Export as (type X.509 Certificate (PEM))
InputStream trustStore = new BufferedInputStream(
new FileInputStream("/home/gutsy/lib/vc.crt"));
CertificateFactory cf = CertificateFactory.getInstance("X.509");
Certificate ca = cf.generateCertificate(trustStore);
System.out.println("ca=" + ((X509Certificate) ca).getSubjectDN());
// key store
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(null, null);
keyStore.setCertificateEntry("ca",ca);
// configure for self-signed ssl
TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(keyStore);
// ssl context
SSLContext ctx = SSLContext.getInstance("TLS");
ctx.init(null, tmf.getTrustManagers(), null);
SSLSocketFactory sslFactory = ctx.getSocketFactory();
// download checksum is case-sensitive
String checksum = "1ccd9f3dff172ef4fa1cb3dc437981d3";
URL url = new URL("https://files.test.com/chatfile/"+checksum);
HttpsURLConnection urlConn = (HttpsURLConnection) url.openConnection();
urlConn.setSSLSocketFactory(sslFactory); // use our ssl factory
urlConn.setRequestMethod("HEAD");
System.out.println("Response HTTP status: "+urlConn.getResponseCode());
Map<String, List<String>> headers = urlConn.getHeaderFields();
System.out.println(headers);
urlConn.disconnect();
}
附:接受所有SSL证书
import org.junit.Test;
import javax.net.ssl.*;
import java.net.URL;
public class HttpsDownloader {
@Test
public void testHttpsTrustAll() throws Exception {
SSLContext context = SSLContext.getInstance("TLS");
context.init(null, new TrustManager[]{new X509TrustManager() {
@Override
public void checkClientTrusted(java.security.cert.X509Certificate[] x509Certificates, String s) throws java.security.cert.CertificateException {
}
@Override
public void checkServerTrusted(java.security.cert.X509Certificate[] x509Certificates, String s) throws java.security.cert.CertificateException {
}
@Override
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return new java.security.cert.X509Certificate[0];
}
}}, null);
HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory());
HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String arg0, SSLSession arg1) {
return true;
}
});
String link = "https://www.baidu.com";
URL url = new URL(link);
HttpsURLConnection httpConnection = (HttpsURLConnection) url.openConnection();
// ....
System.out.println(httpConnection.getResponseCode());
}
}