1 导出服务器证书(以chrome为例)
点击url栏不安全->证书->详细信息->复制到文件->Base64编码X.509—>下一步->浏览保存(这里我取名http2.cer)
2 利用ketool来导入证书到key store
cd http2.cer所在目录
# 如果已经存在旧的需要先删除
# keytool -delete -alias http2 -keystore "%JAVA_HOME%/jre/lib/security/cacerts" -storepass changeit
# 如果提示文件不存在
# keytool -delete -alias http2 -keystore "%JAVA_HOME%\lib\security\cacerts" -storepass changeit
# 导入证书
keytool -import -alias http2 -file http2.cer -keystore "%JAVA_HOME%\jre\lib\security\cacerts" -storepass changeit -trustcacerts
# 如果提示文件不存在
# keytool -import -alias http2 -file http2.cer -keystore "%JAVA_HOME%\lib\security\cacerts" -storepass changeit -trustcacerts
3 查看证书
keytool -list -alias http2 -keystore "%JAVA_HOME%\jre\lib\security\cacerts" -storepass changeit
4 http2 客户端系统属性中添加信任库(java 11)
public static void main(String[] args) throws Exception{
//加入信任库
System.setProperty("javax.net.ssl.trustStore", "E:/DevLibs/JAVA/JDK/Windows/JDK11_05/jre/lib/security/cacerts");
System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
HttpClient client = HttpClient.newHttpClient();
//URI.create里面可以用ip地址也可以用域名,这里因为是自己搭建的服务器,没有用域名
HttpRequest request = HttpRequest.newBuilder()
.uri(URI.create("https://yourip:yourport"))
.version(Version.HTTP_2)
.GET()
.build();
HttpResponse<String> response =
client.send(request, HttpResponse.BodyHandlers.ofString());
System.out.println(response.body());
}