https请求之绕过证书安全校验工具类(原)

最新推荐文章于 2024-08-23 16:19:27 发布
最新推荐文章于 2024-08-23 16:19:27 发布
阅读量353 收藏
点赞数
文章标签: json java
原文链接:http://www.cnblogs.com/hmhhz/p/10177901.html
版权 
package com.isoftstone.core.util;

import java.io.BufferedReader;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.io.PrintWriter;
import java.io.UnsupportedEncodingException;
import java.net.HttpURLConnection;
import java.net.URL;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.Map;

import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLSession;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.lang.StringUtils;


/**
 * https post发送工具
 * 
 * @author 超神之巅
 *
 */
public class HttpsTool {
    private static final String LINE_SEPARATOR = System.getProperty("line.separator");
    
    static HostnameVerifier hv = new HostnameVerifier() {
        public boolean verify(String urlHostName, SSLSession session) {
            System.out.println("Warning: URL Host: " + urlHostName + " vs. "
                    + session.getPeerHost());
            return true;
        }
    };
    
    private static void trustAllHttpsCertificates() throws Exception {
        javax.net.ssl.TrustManager[] trustAllCerts = new javax.net.ssl.TrustManager[1];
        javax.net.ssl.TrustManager tm = new miTM();
        trustAllCerts[0] = tm;
        javax.net.ssl.SSLContext sc = javax.net.ssl.SSLContext
                .getInstance("SSL");
        sc.init(null, trustAllCerts, null);
        javax.net.ssl.HttpsURLConnection.setDefaultSSLSocketFactory(sc
                .getSocketFactory());
    }

    static class miTM implements javax.net.ssl.TrustManager,
            javax.net.ssl.X509TrustManager {
        public java.security.cert.X509Certificate[] getAcceptedIssuers() {
            return null;
        }

        public boolean isServerTrusted(
                java.security.cert.X509Certificate[] certs) {
            return true;
        }

        public boolean isClientTrusted(
                java.security.cert.X509Certificate[] certs) {
            return true;
        }

        public void checkServerTrusted(
                java.security.cert.X509Certificate[] certs, String authType)
                throws java.security.cert.CertificateException {
            return;
        }

        public void checkClientTrusted(
                java.security.cert.X509Certificate[] certs, String authType)
                throws java.security.cert.CertificateException {
            return;
        }
    }
    
    /**
     * 发送报文
     * 
     * 通信失败时返回分两种:一种是抛异常,一种是返回"",本方法取前者
     * 
     * @param requestData
     *            请求报文
     * @param headMap
     *            head请求头参数 conn.setRequestProperty(key,value)
     * @param urlStr
     *            请求地址
     * @param sendEncoding
     *            请求编码
     * @param recvEncoding
     *            返回编码
     * @param connectionTimeout
     *            链接超时时间 1000代表 1秒
     * @param readTimeout
     *            读取超时时间 1000代表1秒
     * @return
     * @throws IOException
     * @author 超神之巅
     */
    public static String send(String requestData,Map<String,String> headMap, String urlStr, String sendEncoding, String recvEncoding, int connectionTimeout, int readTimeout,String contentType) throws Exception {
        URL url = null;
        HttpsURLConnection conn = null;
        ByteArrayOutputStream byteOut = null;
        BufferedReader readInfo = null;
        StringBuilder retBuilder = new StringBuilder();// 这里用不着多线程安全的StringBuffer
        OutputStream out = null;
        String line = null;
        StringBuilder reqDetailProcedure = new StringBuilder();// 这里用不着多线程安全的StringBuffer
        Date startTime = new Date();
        reqDetailProcedure.append("请求时间:【" + DATE_FORMATER.format(startTime) + "】").append("\r\n");
        reqDetailProcedure.append("请求地址:【" + urlStr + "】").append("\r\n");
        reqDetailProcedure.append("真实请求方式及编码:【post " + sendEncoding + "】").append("\r\n");
        reqDetailProcedure.append("期望返回编码:【" + recvEncoding + "】").append("\r\n");
        reqDetailProcedure.append("请求超时时间:【" + readTimeout / 1000 + "s】").append("\r\n");
        reqDetailProcedure.append("请求报文:【" + requestData + "】").append("\r\n");
        try {
//            如有必要,给?后的参数加encode(xxx,"UTF-8"),不然目标系统可能收到的request.getParameter()是乱码
//            String arg = java.net.URLEncoder.encode("中国","UTF-8");
//            url = new URL(urlStr+"?deptname="+arg);
            
            url = new URL(urlStr);
            
            trustAllHttpsCertificates();
            HttpsURLConnection.setDefaultHostnameVerifier(hv);
            
            conn = (HttpsURLConnection) url.openConnection();
            conn.setRequestMethod("POST");
            // 新增部分
            //conn.setHostnameVerifier(new TrustAnyHostnameVerifier());
            conn.setRequestProperty("SOAPAction", "\"\"");
            conn.setRequestProperty("Accept", "application/xml, application/json,application/dime, multipart/related, text/*");

            // 如果没有下面这一行代码,服务器端可以通过request.getParameter()和request.getInputStream()都接收到相同信息

            // Content-Type相关知识链接: http://www.cnblogs.com/whatlonelytear/p/6187575.html
            // conn如果不设Content-Type,则默认成application/x-www-form-urlencoded
            // 当然也可以配置成application/x-www-form-urlencoded;charset=UTF-8,此时要求服务端返回UTF-8编码,如果本地还用gbk去解码,有可能得到乱码
            conn.setRequestProperty("Content-Type", contentType);
            // 如果把Content-Type的类型改变成非application/x-www-form-urlencoded,如改成text/xml,
            // 则目标服务器端仅能通过request.getInputStream()接收信息, 如conn.setRequestProperty("Content-Type", "text/xml;charset=GBK");
            // Content-Type各类型解释: http://blog.csdn.net/blueheart20/article/details/45174399
            
            // conn.setRequestProperty("Accept-Charset", "utf-8");//未知
            
            //Cache-Control说明链接:http://huangyunbin.iteye.com/blog/1943310http://www.cnblogs.com/whatlonelytear/articles/6385390.html
            conn.setRequestProperty("Cache-Control", "no-cache");
            
            //设置head头,如果已存在,则覆盖之前的head配置
            if(headMap != null){
                for(Map.Entry<String, String > entry : headMap.entrySet()){
                    conn.setRequestProperty(entry.getKey(),entry.getValue());
                }
                
            }
            
            // conn.setRequestProperty("appName", appName);//各系统需要设置应用系统名,如电销为telesales(无意义,本人自定义)
            conn.setUseCaches(false); // 忽略缓存
            // get请求用不到conn.getOutputStream(),因为参数直接追加在地址后面,因此默认是false.
            // post请求(比如:文件上传)需要往服务区传输大量的数据,这些数据是放在http的body里面的,因此需要在建立连接以后,往服务端写数据.
            // 因为总是使用conn.getInputStream()获取服务端的响应,因此默认值是true.
            conn.setDoOutput(true); // 使用 URL
                                    // 连接进行输出,允许使用conn.getOutputStream().write()
            conn.setDoInput(true); // 使用 URL
                                    // 连接进行输入,允许使用conn.getInputStream().read();
            conn.setConnectTimeout(connectionTimeout);// 链接超时
            conn.setReadTimeout(readTimeout);// 读取超时
            conn.connect();// 建立链接
            byteOut = new ByteArrayOutputStream();
            byteOut.write(requestData.getBytes(sendEncoding));// 以指定编码发送,如果有乱码,修改之
            byte[] buf = byteOut.toByteArray();
            out = conn.getOutputStream();
            out.write(buf);
            out.flush();
            reqDetailProcedure.append("响应码和状态:【" + conn.getResponseCode() + "/" + conn.getResponseMessage() + "】").append("\r\n");
            if (HttpURLConnection.HTTP_OK == conn.getResponseCode()) {// 正确返回
                InputStream tempStream = conn.getInputStream();
                readInfo = new BufferedReader(new java.io.InputStreamReader(tempStream, recvEncoding));// 以指定编码读取返回信息,如果有乱码,修改之
                while ((line = readInfo.readLine()) != null) {
                    retBuilder.append(line).append(LINE_SEPARATOR);
                }
            } else {// 没有正确返回
                // 这个else分支有冗余代码,一来代码不多,二来这个分支是经过长时间思考,还是保留了下来,方便我以后对错误做不抛异常处理等
                InputStream tempStream = conn.getInputStream();// 如果响应码不是200,一般在这里就开始报异常,不会走到下面几行中去的.
                readInfo = new BufferedReader(new java.io.InputStreamReader(tempStream, recvEncoding));// cannotReach
                while ((line = readInfo.readLine()) != null) {// cannotReach
                    retBuilder.append(line);// cannotReach
                }// cannotReach
                reqDetailProcedure.append("@@返回异常报文:【" + retBuilder + "】").append("\r\n");// cannotReach
            }
        } catch (IOException e) {
            e.printStackTrace();
            throw e;
        } finally {
            // 目标服务端用response.setContentType("text/html;charset=UTF-8");然后源调用方可以用conn.getContentType()获取到[猜测,暂未测试]
            // conn.getContentType()包含在Head返回的内容中.
            // 返回如果带编码,可以做成动态编码去把流转成字符串,暂不优化.这是极好的l优化点.
            reqDetailProcedure.append("返回内容类型及编码:【" + conn.getContentType() + "】").append("\r\n");
            reqDetailProcedure.append("返回HEAD头信息:【" + conn.getHeaderFields() + "】").append("\r\n");
            reqDetailProcedure.append("返回报文:【" + retBuilder.toString() + "】").append("\r\n");
            Date endTime = new Date();
            reqDetailProcedure.append("返回时间:【" + DATE_FORMATER.format(endTime) + "】").append("\r\n");
            long diffMilliSecond = endTime.getTime() - startTime.getTime();
            long diffSecond = (diffMilliSecond / 1000);
            reqDetailProcedure.append("耗时:【" + diffMilliSecond + "】毫秒,大约" + "【" + diffSecond + "】秒").append("\r\n");
            System.out.println(reqDetailProcedure.toString());
            //ThreadLocalListContainer.put(reqDetailProcedure.toString());
            // ThreadLocalMapContainer.put(KingConstants.REQ_DETAIL_PROCEDURE,reqDetailProcedure.toString())
            try {
                if (readInfo != null) {
                    readInfo.close();
                }
                if (byteOut != null) {
                    byteOut.close();
                }
                if (out != null) {
                    out.close();
                }
                if (conn != null) {
                    conn.disconnect();
                }
            } catch (Exception e) {
                System.out.println("关闭链接出错!" + e.getMessage());
            }

        }
        return retBuilder.toString();
    }
    
    /**
     * 发送报文
     * 
     * 通信失败时返回分两种:一种是抛异常,一种是返回"",本方法取前者
     * 
     * @param requestData
     *            请求报文
     * @param urlStr
     *            请求地址
     * @param sendEncoding
     *            请求编码
     * @param recvEncoding
     *            返回编码
     * @param connectionTimeout
     *            链接超时时间 1000代表 1秒
     * @param readTimeout
     *            读取超时时间 1000代表1秒
     * @return
     * @throws IOException
     * @author 超神之巅
     */
    public static String send(String requestData, String urlStr, String sendEncoding, String recvEncoding, int connectionTimeout, int readTimeout) throws Exception {
        boolean flag = isJson(requestData);//是否JSON
        String contentType="application/soap+xml";
        if(flag) {
            contentType = "application/json";
        }
        return send( requestData,null, urlStr, sendEncoding, recvEncoding, connectionTimeout, readTimeout,contentType);
    }

    /**
     * 
     * @param filePath
     *            文件绝对路径
     * @param encoding
     *            读取文件的编码
     * @return
     * @author 超神之巅
     * @throws Exception
     */
    public static String readStringFromFile(String filePath, String encoding) {
        File file = new File(filePath);
        // System.out.println("文件 "+filePath+"存在与否?: "+ file.exists());
        String tempLine = null;
        String retStr = "";
        InputStreamReader isr = null;// way1:
        // FileReader fr = null;//way2
        StringBuilder sb = new StringBuilder();
        try {
            if (file.exists()) {
                isr = new InputStreamReader(new FileInputStream(file), encoding);// way1:
                // fr = new FileReader(file);//way2
                BufferedReader br = new BufferedReader(isr);// way1:
                // BufferedReader br = new BufferedReader(fr);;//way2:
                tempLine = br.readLine();
                while (tempLine != null) {
                    sb.append(tempLine).append(System.getProperty("line.separator"));
                    tempLine = br.readLine();
                }
                retStr = sb.toString();
            }
        } catch (UnsupportedEncodingException e) {
            e.printStackTrace();
        } catch (FileNotFoundException e) {
            e.printStackTrace();
        } catch (IOException e) {
            e.printStackTrace();
        } finally {
            try {
                if (isr != null)
                    isr.close();
            } catch (Exception e) {
                e.printStackTrace();
            }
        }
        // System.out.println("读到的文件内容如下:");
        // System.out.println(retStr);
        return retStr;
    }
    /**
     * 判断字符串是否为JSON格式
     * @param str
     * @return
     */
    public static boolean isJson(String str){
        if (StringUtils.isBlank(str)) {
            return false;
        }
        
        boolean flag1 = (str.startsWith("{") && str.endsWith("}"));
        boolean flag2 = (str.startsWith("[") && str.endsWith("]"));
        
        return (flag1 || flag2);
    }

    /*public static final void writeInfo(HttpServletResponse resp, String errorCode, String respInfo, Map<String, Object> map) {
        map.put("errorCode", errorCode);
        map.put("respInfo", respInfo);
        String detail = ThreadLocalListContainer.getAll();
        map.put(KingConstants.DETAIL_PROCEDURE, detail);
        ThreadLocalListContainer.clearAll();
        // map.put(KingConstants.DETAIL_PROCEDURE, detail);
        try {
//            String gsonInfo = new Gson().toJson(map);//old
            Gson gson = new GsonBuilder().setPrettyPrinting().create();//new
            String gsonInfo = gson.toJson(map);
            PrintWriter pw = resp.getWriter();
            pw.print(gsonInfo);
            pw.flush();
            pw.close();
        } catch (IOException e) {
            e.printStackTrace();
        }
    }*/

    /**
     * 
     * @param resp
     * @param errorCode
     * @param respInfo
     * @param map
     * ......
     * @time 2017年4月23日 上午9:12:43
     * @author 超神之巅
     */
    /*public static final void writeInfo(HttpServletResponse resp, KingResp result) {
        String detail = ThreadLocalListContainer.getAll();
        result.setDetailProcedure(detail);
        ThreadLocalListContainer.clearAll();
        try {
//            String gsonInfo = new Gson().toJson(map);//old
            Gson gson = new GsonBuilder().setPrettyPrinting().create();//new
            String gsonInfo = gson.toJson(result);
            FileTool.writeStringToFile("d:/temp/myinfo.txt", gsonInfo, "gbk", false);
            PrintWriter pw = resp.getWriter();
            pw.print(gsonInfo);
            pw.flush();
            pw.close();
        } catch (IOException e) {
            e.printStackTrace();
        }
    }*/
    
    public static final void writeInfo(HttpServletResponse resp, String respInfo) {
        try {
            PrintWriter pw = resp.getWriter();
            pw.print(respInfo);
            pw.flush();
            pw.close();
        } catch (IOException e) {
            e.printStackTrace();
        }
    }
    
    public static final SimpleDateFormat DATE_FORMATER = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss:sss");

    public static void main(String[] args) throws Exception {
        String requestUrl  = "https://bx.zhcgs.gov.cn:8060/NewBxInfo/BxInfo.asmx";
        //把cacerts20181015文到该目录
        System.setProperty("javax.net.ssl.trustStore",
                "K:\\myprogram\\jdk\\jdk8\\jdk1.8.0_141\\jre\\lib\\security\\cacerts20181015");
        String requestData = readStringFromFile("d:/file/send.xml", "UTF-8");// 有乱码,请修改指定编码
        String sencXml = HttpsTool.send(requestData, requestUrl, "utf-8", "utf-8", 300 * 1000, 300 * 1000);// 大家最终只要使用这一句代码就可调用
    }
}

 

转载于:https://www.cnblogs.com/hmhhz/p/10177901.html

weixin_30497527
关注
Java接口自动化,post请求和get请求绕过HTTPS的SSL校验
天地沧海
05-27 686
直接上代码,这是工具类。Authorization字段值相当于cookie或者token,先在postman里试一下,跑通这个接口需要哪些必要的字段。 package com.ssl; /** * @Author: * @Date: 2021/5/24 * @Version 1.0 */ import javax.net.ssl.HttpsURLConnection; import javax.net.ssl.SSLContext; import javax.net.ssl.SSLSocke.
Https请求验证工具类
07-24
Https请求验证工具类,解决javax.net.ssl.SSLHandshakeException验证失败的错误
java 证书 请求_Http && Https(绕过证书) 请求工具类Java
weixin_39564807的博客
02-12 140
public classHttpRequestUtil {private static final String HTTP = "http";private static final String HTTPS = "https";private static SSLConnectionSocketFactory sslsf = null;private static PoolingHttpClie...
Hutool请求第三方接口时忽略SSL认证
最新发布
weixin_67712953的博客
08-23 612
2、在使用Hutool发送请求时,将配置添加进去。
java用HttpURLConnection发起HTTPS请求并跳过SSL证书
lianzhitiger的博客
02-23 1万+
package com.ruoyi.common.utils.https; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import javax.net.ssl.HttpsURLConnection; import javax.net.ssl.SSLContext; import javax.net.ssl.TrustManager; import javax.net.ssl.X509TrustManager; import java
java用HttpURLConnection发起HTTPS请求并跳过SSL证书,解决:unable to find valid certification path to requested targ
P_L_Wen97的博客
06-21 4728
HttpUrlConnection请求忽略SSL认证请求
HttpURLConnection绕过HTTPS的SSL验证(信任所有证书)
dongyan3595的博客
02-26 7195
import javax.net.ssl.*; static { try { trustAllHttpsCertificates(); HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() { public boolean verify(String urlHostName, SSLSession session) { re.
Java Https请求,跳过证书,直接访问
12-12
下面是如何在Java中实现HTTPS请求并跳过证书验证: 1. 创建一个TrustManager,它总是信任所有证书,不进行任何验证: ```java TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { ...
httpclient 绕开HTTPS证书校验
07-05
然而,在某些特殊情况下,如进行测试、调试或者处理自签名证书的服务器,我们可能需要绕过HTTPS证书校验。这时,`httpclient`库提供了一种解决方案,允许我们以非标准方式配置客户端,从而忽略证书校验错误。 `...
http远程接口调用-httpClient+跳过SSL证书校验
08-04
在IT行业中,网络通信是应用程序之间交互的重要方式。...在apitest文件中,你可以找到包含HttpClient工具类代码,包括专门用于跳过SSL证书校验工具类,这些代码可以作为参考,帮助你在实际项目中实现类似功能。
用于后台通过HttpURLConnection访问绕过SSL认证
A121212789的博客
03-20 1777
如果不用httpclient而是用HttpURLConnection来进行访问https网站如何实现绕过SSL认证。
HttpURLConnection绕过HTTPS的SSL验证
weixin_30955341的博客
07-30 3344
(这个jdk环境需要是1.8,以上)。 直接在类里面加一个static代码块 1 static { 2 try { 3 trustAllHttpsCertificates(); 4 HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier...
https请求绕过证书安全校验相关配置
weixin_30693183的博客
12-26 586
需在weblogic服务器上配置内存溢出的地方加入一行配置: -DUseSunHttpHandler=true 注:空格隔开 然后调用工具类https://www.cnblogs.com/hmhhz/p/10177901.html 即可绕过https证书请求; 转载于:https://www.cnblogs.com/hmhhz/p/10177953.ht...
SSL弱校验问题
piaoershi的博客
04-13 462
在TrustManager里面的checkServerTrusted方法里面设置chain[0].checkValidity(); private final TrustManager[] trustAllCerts = new TrustManager[]{ new X509TrustManager() { @Override public void checkClientTrusted(X509Certificat
java实现 HTTP/HTTPS请求绕过证书检测代码实现
热门推荐
paradise003的专栏
06-06 1万+
1、开发需求 需要实现在服务端发起HTTP/HTTPS请求,访问其他程序资源。 2、URLConnection和HTTPClient的比较 HttpClient是个很不错的开源框架,封装了访问http的请求头,参数,内容体,响应等等, DefaultHttpClient和它的兄弟AndroidHttpClient都是HttpClient具体的实现类,它们都拥有众多的API,而且实现比较稳定,b
java certificate_记录解决java.security.cert.CertificateException 问题过程
weixin_42512723的博客
02-23 3859
团队在开发过程中,突然发现有一个业务失常,该业务对接了另一个团队开发的IM SDK,报错异常如下为:java.security.cert.CertificateException:Domain specific configurations require that hostname aware checkServerTrusted(X509Certificate[], String, Strin...
java无法验证证书_在java中验证证书会引发异常 – 无法找到所请求目标的有效证书路径...
weixin_30695909的博客
02-21 834
如果您期望获得客户端证书,请让JSSE为您完成所有这些工作.如果要将特定连接用于自己的信任库,请配置JSSE以使用它.检查参考文档中的Customizing JSSE部分.以下是使用自定义信任库构建SSLContext的简短示例. (其他更复杂的X509TrustManagers也可以使用,但你很少需要它.)TrustManagerFactory tmf = TrustManagerFactory...
https请求跳过证书(GET)
qq_45858058的博客
12-15 501
https请求跳过证书(GET)
HTTPS请求忽略SSL证书
占星安啦的博客
11-18 9006
unable to find valid certification path to requested target https请求忽略SSL校验
解决Android WebView HTTPS证书校验问题
"Android webview手动校验https证书(by 星空武哥) - 解决Android系统bug导致的webview加载https证书问题" 在Android应用程序中,WebView组件常用于加载网页内容,包括HTTPS加密的网站。然而,由于Android系统的某些...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值