HTTPS主要用于安全传输数据,从代码的角度来看,HTTPS主要使用了X509的方式进行了加密,至于密钥(证书)在什么地方,可能在购买HTTPS服务的时候被统一放置在DNS服务器之类的地方了吧(纯推测):
package com.sahadev;
import java.io.BufferedReader;
import java.io.DataOutputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.net.URL;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.http.conn.ssl.AllowAllHostnameVerifier;
public class HttpClient {
private static final AllowAllHostnameVerifier HOSTNAME_VERIFIER = new AllowAllHostnameVerifier();
private static X509TrustManager xtm = new X509TrustManager() {
public void checkClientTrusted(X509Certificate[] chain, String authType) {
}
public void checkServerTrusted(X509Certificate[] chain, String authType) {
}
public X509Certificate[] getAcceptedIssuers() {
return null;
}
};
private static X509TrustManager[] xtmArray = new X509TrustManager[] { xtm };
private static HttpsURLConnection conn = null;
public static String sendHttpsPost(String path, String params) throws Exception {
// 组拼实体数据
byte[] entity = params.getBytes("UTF-8");
URL url = new URL(path);
conn = (HttpsURLConnection) url.openConnection();
if (conn instanceof HttpsURLConnection) {
// Trust all certificates
SSLContext context = SSLContext.getInstance("TLS");
context.init(new KeyManager[0], xtmArray, new SecureRandom());
SSLSocketFactory socketFactory = context.getSocketFactory();
((HttpsURLConnection) conn).setSSLSocketFactory(socketFactory);
((HttpsURLConnection) conn).setHostnameVerifier(HOSTNAME_VERIFIER);
}
conn.setConnectTimeout(5 * 1000);
conn.setReadTimeout(30000);
conn.setDoInput(true);
conn.setDoOutput(true);// 允许输出数据
conn.setUseCaches(false);
conn.setRequestMethod("POST");
conn.setRequestProperty("Content-Type", "application/json");
conn.setRequestProperty("User-Agent", "Mozilla/5.0 (Windows; U; Windows NT 6.1; zh-CN; rv:1.9.2.6)");
OutputStream outStream = new DataOutputStream(conn.getOutputStream());
outStream.write(entity);
outStream.flush();
outStream.close();
BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream()));
StringBuffer sb = new StringBuffer();
String line;
while ((line = br.readLine()) != null) {
sb.append(line);
}
return sb.toString();
}
public static void closeConnection() {
if (conn != null)
conn.disconnect();
}
}