java请求https地址如何绕过证书验证?

原文http://www.blogjava.net/hector/archive/2012/10/23/390073.html

第一种方法,适用于httpclient4.X 里边有get和post两种方法供你发送请求使用

import  java.io.BufferedReader;
import  java.io.IOException;
import  java.io.InputStream;
import  java.io.InputStreamReader;
import  java.io.UnsupportedEncodingException;
import  java.net.HttpURLConnection;
import  java.net.InetAddress;
import  java.net.InetSocketAddress;
import  java.net.Socket;
import  java.net.SocketAddress;
import  java.net.URI;
import  java.net.URISyntaxException;
import  java.net.URL;
import  java.net.URLConnection;
import  java.net.URLEncoder;
import  java.net.UnknownHostException;
import  java.security.KeyManagementException;
import  java.security.NoSuchAlgorithmException;
import  java.security.cert.CertificateException;
import  java.security.cert.X509Certificate;


import  javax.net.SocketFactory;
import  javax.net.ssl.HostnameVerifier;
import  javax.net.ssl.HttpsURLConnection;
import  javax.net.ssl.SSLContext;
import  javax.net.ssl.SSLSession;
import  javax.net.ssl.TrustManager;
import  javax.net.ssl.X509TrustManager;


import  org.apache.http.HttpEntity;
import  org.apache.http.HttpResponse;
import  org.apache.http.client.ClientProtocolException;
import  org.apache.http.client.HttpClient;
import  org.apache.http.client.methods.HttpGet;
import  org.apache.http.client.methods.HttpPost;
import  org.apache.http.conn.ClientConnectionManager;
import  org.apache.http.conn.ConnectTimeoutException;
import  org.apache.http.conn.scheme.HostNameResolver;
import  org.apache.http.conn.scheme.Scheme;
import  org.apache.http.conn.scheme.SchemeRegistry;
import  org.apache.http.conn.ssl.SSLSocketFactory;
import  org.apache.http.entity.StringEntity;
import  org.apache.http.impl.client.DefaultHttpClient;
import  org.apache.http.params.HttpConnectionParams;
import  org.apache.http.protocol.HTTP;
import  org.apache.http.util.EntityUtils;


/*
 *  * 
 
*/

public   class  HttpClientSendPost  {
private static DefaultHttpClient client;
 
/** 
     * 访问https的网站 
     * 
@param httpclient 
     
*/
  
    
private static void enableSSL(DefaultHttpClient httpclient){  
        
//调用ssl  
         try {  
                SSLContext sslcontext 
= SSLContext.getInstance("TLS");  
                sslcontext.init(
nullnew TrustManager[] { truseAllManager }null);  
                SSLSocketFactory sf 
= new SSLSocketFactory(sslcontext);  
                sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);  
                Scheme https 
= new Scheme("https", sf, 443);  
                httpclient.getConnectionManager().getSchemeRegistry().register(https);  
            }
 catch (Exception e) {  
                e.printStackTrace();  
            }
  
    }
  
    
/** 
     * 重写验证方法,取消检测ssl 
     
*/
  
    
private static TrustManager truseAllManager = new X509TrustManager(){  
  
        
public void checkClientTrusted(  
                java.security.cert.X509Certificate[] arg0, String arg1)  
                
throws CertificateException {  
            
// TODO Auto-generated method stub  
              
        }
  
  
        
public void checkServerTrusted(  
                java.security.cert.X509Certificate[] arg0, String arg1)  
                
throws CertificateException {  
            
// TODO Auto-generated method stub  
              
        }
  
  
        
public java.security.cert.X509Certificate[] getAcceptedIssuers() {  
            
// TODO Auto-generated method stub  
            return null;  
        }
  
          
    }

/**
* HTTP Client Object,used HttpClient Class before(version 3.x),but now the
* HttpClient is an interface
*/



public static String sendXMLDataByGet(String url,String xml){
   
// 创建HttpClient实例     
        if (client == null{
// Create HttpClient Object
client = new DefaultHttpClient();
enableSSL(client);
}

        StringBuilder urlString
=new StringBuilder();
        urlString.append(url);
        urlString.append(
"?");
        System.out.println(
"getUTF8XMLString(xml):"+getUTF8XMLString(xml));
        
try {
urlString.append(URLEncoder.encode( getUTF8XMLString(xml) , 
"UTF-8" ));
}
 catch (UnsupportedEncodingException e2) {
// TODO Auto-generated catch block
e2.printStackTrace();
}

        String urlReq
=urlString.toString();
        
// 创建Get方法实例     
        HttpGet httpsgets = new HttpGet(urlReq);

        String strRep
="";
try {
HttpResponse response 
= client.execute(httpsgets);    
HttpEntity entity 
= response.getEntity(); 

if (entity != null
strRep 
= EntityUtils.toString(response.getEntity());
   
// Do not need the rest    
   httpsgets.abort();    
}

}
 catch (ClientProtocolException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
 catch (IllegalStateException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
 catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
  
        
return strRep;
    }
 


/**
* Send a XML-Formed string to HTTP Server by post method

@param url
*            the request URL string
@param xmlData
*            XML-Formed string ,will not check whether this string is
*            XML-Formed or not
@return the HTTP response status code ,like 200 represents OK,404 not
*         found
@throws IOException
@throws ClientProtocolException
*/

public static String sendXMLDataByPost(String url, String xmlData)
throws ClientProtocolException, IOException {
if (client == null{
// Create HttpClient Object
client = new DefaultHttpClient();
enableSSL(client);
}

client.getParams().setParameter(
"http.protocol.content-charset",
HTTP.UTF_8);
client.getParams().setParameter(HTTP.CONTENT_ENCODING, HTTP.UTF_8);
client.getParams().setParameter(HTTP.CHARSET_PARAM, HTTP.UTF_8);
client.getParams().setParameter(HTTP.DEFAULT_PROTOCOL_CHARSET,
HTTP.UTF_8);

// System.out.println(HTTP.UTF_8);
// Send data by post method in HTTP protocol,use HttpPost instead of
// PostMethod which was occurred in former version
// System.out.println(url);
HttpPost post = new HttpPost(url);
post.getParams().setParameter(
"http.protocol.content-charset",
HTTP.UTF_8);
post.getParams().setParameter(HTTP.CONTENT_ENCODING, HTTP.UTF_8);
post.getParams().setParameter(HTTP.CHARSET_PARAM, HTTP.UTF_8);
post.getParams()
.setParameter(HTTP.DEFAULT_PROTOCOL_CHARSET, HTTP.UTF_8);


// Construct a string entity
StringEntity entity = new StringEntity(getUTF8XMLString(xmlData), "UTF-8");
entity.setContentType(
"text/xml;charset=UTF-8");
entity.setContentEncoding(
"UTF-8");
// Set XML entity
post.setEntity(entity);
// Set content type of request header
post.setHeader("Content-Type""text/xml;charset=UTF-8");
// Execute request and get the response
HttpResponse response = client.execute(post);
HttpEntity entityRep 
= response.getEntity(); 
String strrep
="";
        
if (entityRep != null{     
            strrep 
= EntityUtils.toString(response.getEntity());
            
// Do not need the rest    
            post.abort();    
        }
  
// Response Header - StatusLine - status code
// statusCode = response.getStatusLine().getStatusCode();
return strrep;
}

/**
* Get XML String of utf-8

@return XML-Formed string
*/

public static String getUTF8XMLString(String xml) {
// A StringBuffer Object
StringBuffer sb = new StringBuffer();
sb.append(xml);
String xmString 
= "";
try {
xmString 
= new String(sb.toString().getBytes("UTF-8"));
}
 catch (UnsupportedEncodingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}

// return to String Formed
return xmString.toString();
}

}

第二种仿http的不用HttpClient 都是jdk自带的包

package  org.sp.sc.util;


import  java.io.ByteArrayOutputStream;
import  java.io.InputStream;
import  java.net.URL;
import  java.security.cert.CertificateException;
import  java.security.cert.X509Certificate;


import  javax.net.ssl.HostnameVerifier;
import  javax.net.ssl.HttpsURLConnection;
import  javax.net.ssl.SSLContext;
import  javax.net.ssl.SSLSession;
import  javax.net.ssl.SSLSocketFactory;
import  javax.net.ssl.TrustManager;
import  javax.net.ssl.X509TrustManager;


   
/**
     * 无视Https证书是否正确的Java Http Client
     * 
     * 
     * 
@author huangxuebin
     *
     * @create 2012.8.17
     * 
@version 1.0
     
*/

public   class  HttpsUtil  {


    
/**
     * 忽视证书HostName
     
*/

    
private static HostnameVerifier ignoreHostnameVerifier = new HostnameVerifier() {
        
public boolean verify(String s, SSLSession sslsession) {
            System.out.println(
"WARNING: Hostname is not matched for cert.");
            
return true;
        }

    }


     
/**
     * Ignore Certification
     
*/

    
private static TrustManager ignoreCertificationTrustManger = new X509TrustManager() {

        
private X509Certificate[] certificates;

        @Override
        
public void checkClientTrusted(X509Certificate certificates[],
                String authType) 
throws CertificateException {
            
if (this.certificates == null{
                
this.certificates = certificates;
                System.out.println(
"init at checkClientTrusted");
            }

        }



        @Override
        
public void checkServerTrusted(X509Certificate[] ax509certificate,
                String s) 
throws CertificateException {
            
if (this.certificates == null{
                
this.certificates = ax509certificate;
                System.out.println(
"init at checkServerTrusted");
            }

//            for (int c = 0; c < certificates.length; c++) {
//                X509Certificate cert = certificates[c];
//                System.out.println(" Server certificate " + (c + 1) + ":");
//                System.out.println("  Subject DN: " + cert.getSubjectDN());
//                System.out.println("  Signature Algorithm: "
//                        + cert.getSigAlgName());
//                System.out.println("  Valid from: " + cert.getNotBefore());
//                System.out.println("  Valid until: " + cert.getNotAfter());
//                System.out.println("  Issuer: " + cert.getIssuerDN());
//            }

        }



        @Override
        
public X509Certificate[] getAcceptedIssuers() {
            
// TODO Auto-generated method stub
            return null;
        }

    }
;


    
public static String getMethod(String urlString) {

        ByteArrayOutputStream buffer 
= new ByteArrayOutputStream(512);
        
try {
            URL url 
= new URL(urlString);
            
/*
             * use ignore host name verifier
             
*/

            HttpsURLConnection.setDefaultHostnameVerifier(ignoreHostnameVerifier);
            HttpsURLConnection connection 
= (HttpsURLConnection) url.openConnection();


            
// Prepare SSL Context
            TrustManager[] tm = { ignoreCertificationTrustManger };
            SSLContext sslContext 
= SSLContext.getInstance("SSL""SunJSSE");
            sslContext.init(
null, tm, new java.security.SecureRandom());


            
// 从上述SSLContext对象中得到SSLSocketFactory对象
            SSLSocketFactory ssf = sslContext.getSocketFactory();
            connection.setSSLSocketFactory(ssf);
            
            InputStream reader 
= connection.getInputStream();
            
byte[] bytes = new byte[512];
            
int length = reader.read(bytes);


            
do {
                buffer.write(bytes, 
0, length);
                length 
= reader.read(bytes);
            }
 while (length > 0);


            
// result.setResponseData(bytes);
            System.out.println(buffer.toString());
            reader.close();
            
            connection.disconnect();
        }
 catch (Exception ex) {
            ex.printStackTrace();
        }
 finally {
        }

        String repString
= new String (buffer.toByteArray());
        
return repString;
    }



//    public static void main(String[] args) {
//        String urlString = "https://218.202.0.241:8081/XMLReceiver";
//        String output = new String(HttpsUtil.getMethod(urlString));
//        System.out.println(output);
//    }
}



作为AI语言模型,我不建议您在生产环境中绕过SSL证书进行Java HTTPS请求。这是因为SSL证书是保护数据传输安全的重要组成部分,绕过它可能导致安全漏洞。如果您确实需要在测试环境中绕过SSL证书,可以使用以下代码: ```java import java.security.cert.CertificateException; import java.security.cert.X509Certificate; import javax.net.ssl.HostnameVerifier; import javax.net.ssl.HttpsURLConnection; import javax.net.ssl.SSLContext; import javax.net.ssl.TrustManager; import javax.net.ssl.X509TrustManager; public class HttpsClient { public static void main(String[] args) throws Exception { // 创建信任管理器 TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {} public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {} public X509Certificate[] getAcceptedIssuers() { return null; } } }; // 创建SSL上下文 SSLContext sslContext = SSLContext.getInstance("SSL"); sslContext.init(null, trustAllCerts, new java.security.SecureRandom()); // 设置HTTPS连接的默认上下文 HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory()); // 创建主机名验证器 HostnameVerifier allHostsValid = new HostnameVerifier() { public boolean verify(String hostname, javax.net.ssl.SSLSession sslSession) { return true; } }; // 设置主机名验证HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid); // 发送HTTPS请求 URL url = new URL("https://example.com"); HttpsURLConnection con = (HttpsURLConnection)url.openConnection(); InputStream is = con.getInputStream(); BufferedReader reader = new BufferedReader(new InputStreamReader(is)); String line; while ((line = reader.readLine()) != null) { System.out.println(line); } reader.close(); } } ``` 这段代码创建了一个信任所有证书的信任管理器,并将其设置为HTTPS连接的默认上下文。同时,它还创建了一个主机名验证器,该验证器接受所有主机名。请注意,这段代码仅适用于测试环境,并且不应在生产环境中使用。
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值