package jp.go.ssid.sss.common;
import java.io.BufferedOutputStream;
import java.io.BufferedReader;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.net.HttpURLConnection;
import java.net.URL;
import java.security.KeyStore;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.util.Iterator;
import javax.net.ssl.SSLSocketFactory;
import com.sun.net.ssl.HostnameVerifier;
import com.sun.net.ssl.HttpsURLConnection;
import com.sun.net.ssl.KeyManagerFactory;
import com.sun.net.ssl.SSLContext;
import com.sun.net.ssl.internal.ssl.Provider;
/**
 * @author hy-he
 *
 * To change the template used for this generated comment, go to
 * Window > Preferences > Java > Code Generation > Code and Comments
 */
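public class TestSSL {
    /**
     * Manual smoke test for an HTTPS stub endpoint.
     *
     * Steps, in order: import the X.509 certificate(s) from a .cer file into a
     * fresh JKS keystore, write that keystore to disk, point the
     * javax.net.ssl.trustStore system property at it, open an HTTPS connection
     * to the stub URL, and print the response body on standard output.
     *
     * Security notes for anyone reusing this code:
     * - Host name checking is relaxed (see the HostnameVerifier below); the
     *   only remaining server authentication is the certificate imported
     *   into the trust store.
     * - The keystore password and all paths are hard-coded test values.
     *
     * @param args ignored
     * @throws Exception on any I/O, keystore or TLS failure; nothing is handled here
     */
    public static void main(String[] args) throws Exception {
        /* Path of the exported Tomcat certificate (tomcat.cer). */
        String cert_paper = "E:/eclipse2.1/workspace/shikaku/defaultroot/stub/tomcat.cer";
        /*
         * Keystore password; it only has to match the one used when the store
         * is written. Hard-coded for this local test: the store built below
         * receives certificate entries only (setCertificateEntry), so it guards
         * public data. Do not reuse this pattern for a store holding private keys.
         */
        String kpwd = "changeit";
        /* File name of the keystore that receives the certificate(s); relative to the working directory. */
        String kstore = "cert_kstore";
        /* URL to access. */
        String shujuURL;
        URL urlRead = null;
        HttpURLConnection hCon = null;

        // Register the legacy JSSE provider and its https protocol handler.
        // The original registered the provider a second time further down;
        // one registration is enough, so the duplicate call was dropped.
        Security.addProvider(new Provider());
        System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");

        // Parse every certificate in the .cer file. try/finally closes the
        // stream even when parsing fails (the original leaked it in that case).
        Iterator iter;
        FileInputStream ins = new FileInputStream(cert_paper);
        try {
            CertificateFactory cerFactory = CertificateFactory.getInstance("X.509");
            iter = cerFactory.generateCertificates(ins).iterator();
        } finally {
            ins.close();
        }

        // Build an empty JKS store and add each certificate under the alias "1", "2", ...
        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load(null, kpwd.toCharArray());
        for (int index = 1; iter.hasNext(); index++) {
            Certificate cert = (Certificate) iter.next();
            keyStore.setCertificateEntry("" + index, cert);
        }

        // Persist the store; the stream is closed even if store() throws.
        OutputStream outStream = new BufferedOutputStream(new FileOutputStream(kstore));
        try {
            keyStore.store(outStream, kpwd.toCharArray());
            outStream.flush();
        } finally {
            outStream.close();
        }

        // Trust exactly what was imported above.
        System.setProperty("javax.net.ssl.trustStore", kstore);

        shujuURL = "https://localhost:8443/StubServ100?system_code=05";
        urlRead = new URL(shujuURL);
        hCon = (HttpURLConnection) urlRead.openConnection();

        SSLContext ctx;
        KeyManagerFactory kmf;
        KeyStore ks;
        char[] passphrase = kpwd.toCharArray();
        kmf = KeyManagerFactory.getInstance("SunX509");
        // Create the SSLContext that implements the socket protocol.
        ctx = SSLContext.getInstance("TLS");
        ks = KeyStore.getInstance("JKS");
        // The original never closed this stream; close it once the store is loaded.
        FileInputStream ksIn = new FileInputStream(kstore);
        try {
            ks.load(ksIn, passphrase);
        } finally {
            ksIn.close();
        }
        // NOTE(review): the store loaded here contains certificate entries only,
        // so presumably no client key is offered to the server - confirm that a
        // KeyManagerFactory is needed at all.
        kmf.init(ks, passphrase);
        // Initialise the SSLContext. Null TrustManagers and null SecureRandom
        // select the implementation defaults; presumably the default trust
        // manager reads the javax.net.ssl.trustStore property set above - confirm.
        ctx.init(kmf.getKeyManagers(), null, null);
        // Take the SocketFactory from the SSLContext and install it on the connection.
        SSLSocketFactory sslsf = ctx.getSocketFactory();
        ((HttpsURLConnection) hCon).setSSLSocketFactory(sslsf);

        // Host name check. The original verifier returned true for every host,
        // which accepts any trusted certificate for any server name. The bypass
        // is now limited to the host taken from the URL above ("localhost"
        // here), which is all this test needs. A name mismatch between that
        // host and the certificate is still tolerated, so this is only
        // acceptable for a local stub whose certificate is the one imported
        // into the trust store; never copy it into production code.
        final String expectedHost = urlRead.getHost();
        HostnameVerifier hv = new HostnameVerifier() {
            public boolean verify(String hostname, String certHostname) {
                return expectedHost.equalsIgnoreCase(hostname);
            }
        };
        ((HttpsURLConnection) hCon).setHostnameVerifier(hv);

        // Read the XML response into one string. Line terminators are dropped,
        // as in the original. StringBuffer replaces repeated String
        // concatenation and keeps the code compilable on the old JDK this file targets.
        StringBuffer xmldata = new StringBuffer();
        BufferedReader br = null;
        try {
            br = new BufferedReader(new InputStreamReader(hCon.getInputStream(), "UTF-8"));
            String line;
            while ((line = br.readLine()) != null) {
                xmldata.append(line);
            }
        } finally {
            if (br != null) {
                br.close();
            }
            // Release the underlying connection whether or not the read succeeded.
            hCon.disconnect();
        }
        System.out.println(xmldata.toString());
    }
}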