1:前言
jdk1.7 支持协议 :SSLv2Hello 、SSLv3、TLSv1、TLSv1.1、TLSv1.2五种协议,但是默认协议是:TLSv1,因为https 请求是双向认证的也就是jdk的支持协议最低是TLSv1以上的版本,所有jdk1.7不能访问https请求。
jdk1.7访问https出现握手失败的情况,原因是jdk1.7默认TLS1.1,目标服务器jdk1.8使用TLS1.2
2:解决方式
新建立类:
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLSession;
public class TrustAnyHostnameVerifier implements HostnameVerifier {
public boolean verify(String hostname, SSLSession session) {
// 直接Pass
return true;
}
}
import javax.net.ssl.X509TrustManager;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
public class TrustAnyTrustManager implements X509TrustManager {
public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[]{};
}
}
http请求代码改动:
public static String sendhttp(String type, String data, String url, String key, String sign) {
// String formatData = data.replace("\\&", " ");
PrintWriter out = null;
BufferedReader in = null;
String result = "";
try {
SimpleDateFormat sf = new SimpleDateFormat("yyyyMMDDHHMMss");
String requestTime = sf.format(new Date());
String param = null;
URL realUrl = new URL(url);
// 打开和URL之间的连接
URLConnection conn = realUrl.openConnection();
// 设置通用的请求属性
// conn.setRequestProperty("Accept-Charset", "UTF-8");
conn.setRequestProperty("accept", "*/*");
conn.setRequestProperty("connection", "Keep-Alive");
conn.setRequestProperty("user-agent", "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;SV1)");
if (conn instanceof HttpsURLConnection) {
SSLContext sc = SSLContext.getInstance("TLSv1.2");
sc.init(null, new TrustManager[]{new TrustAnyTrustManager()}, new java.security.SecureRandom());
((HttpsURLConnection) conn).setSSLSocketFactory(sc.getSocketFactory());
((HttpsURLConnection) conn).setHostnameVerifier(new TrustAnyHostnameVerifier());
}
conn.setConnectTimeout(15000);
conn.setReadTimeout(60000);
// 发送POST请求必须设置如下两行
conn.setDoOutput(true);
conn.setDoInput(true);
// 获取URLConnection对象对应的输出流
out = new PrintWriter(conn.getOutputStream());
// 发送请求参数
sf = new SimpleDateFormat("yyyyMMddHHmmss");
requestTime = sf.format(new Date());
String param = "xxxxx";
out.print(param);
// flush输出流的缓冲
out.flush();
// 定义BufferedReader输入流来读取URL的响应
in = new BufferedReader(new InputStreamReader(conn.getInputStream()));
String line;
while ((line = in.readLine()) != null) {
result += line;
}
realUrl = null;
} catch (Exception e) {
e.printStackTrace();
}
// 使用finally块来关闭输出流、输入流
finally {
try {
if (out != null) {
out.close();
}
if (in != null) {
in.close();
}
} catch (IOException ex) {
}
}
return result;
}