java 携带SSL证书 请求https 接口对接

已于 2022-12-15 11:08:55 修改
阅读量2.5k 收藏 10
点赞数
分类专栏: SpringBoot2.x 文章标签: java ssl https
于 2022-10-15 21:49:04 首次发布
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/weixin_40816738/article/details/127341100
版权

文章目录

1. 核心依赖
        <!--JSON依赖-->
        <dependency>
            <groupId>com.alibaba</groupId>
            <artifactId>fastjson</artifactId>
            <version>2.0.7</version>
        </dependency>
        <!--httpClient Start-->
        <!--httpClient 文件上传 Start-->
        <!-- https://mvnrepository.com/artifact/commons-fileupload/commons-fileupload -->
        <dependency>
            <groupId>commons-fileupload</groupId>
            <artifactId>commons-fileupload</artifactId>
            <version>1.4</version>
        </dependency>

        <!-- https://mvnrepository.com/artifact/commons-io/commons-io -->
        <dependency>
            <groupId>commons-io</groupId>
            <artifactId>commons-io</artifactId>
            <version>2.11.0</version>
        </dependency>
        <!--httpClient 文件上传 End-->

        <!-- https://mvnrepository.com/artifact/org.apache.httpcomponents/httpcore -->
        <dependency>
            <groupId>org.apache.httpcomponents</groupId>
            <artifactId>httpcore</artifactId>
            <version>4.4.14</version>
        </dependency>

        <!-- https://mvnrepository.com/artifact/commons-httpclient/commons-httpclient -->
        <dependency>
            <groupId>commons-httpclient</groupId>
            <artifactId>commons-httpclient</artifactId>
            <version>3.1</version>
        </dependency>


        <!-- https://mvnrepository.com/artifact/org.apache.httpcomponents/httpmime -->
        <dependency>
            <groupId>org.apache.httpcomponents</groupId>
            <artifactId>httpmime</artifactId>
            <version>4.5.13</version>
        </dependency>
        <!--httpClient End-->
2. 辅助依赖
  <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>

        <!--字符串处理-->
        <dependency>
            <groupId>org.apache.commons</groupId>
            <artifactId>commons-lang3</artifactId>
            <version>${commons-lang3.version}</version>
        </dependency>
        <!--JSON依赖-->
        <dependency>
            <groupId>com.alibaba</groupId>
            <artifactId>fastjson</artifactId>
            <version>2.0.7</version>
        </dependency>
      
        <dependency>
            <groupId>org.projectlombok</groupId>
            <artifactId>lombok</artifactId>
        </dependency>
3.工具类
package com.gblfy.https;

import com.alibaba.fastjson.JSON;

import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.io.PrintWriter;
import java.net.URL;
import java.util.HashMap;
import java.util.Map;

/**
 * Https携带SSL证书工具类
 *
 * @author gblfy
 * @date 2022-10-10
 */
public class HttpsSSLUtils {

    public static void main(String[] args) throws Exception {
        Map map = new HashMap<>();
        map.put("value", "value");
        map.put("value2", "value2");
        String jsonMsg = JSON.toJSONString(map);
        System.out.println(JSON.toJSONString(map));

         //测试线写死,后期改用配置文件
        String keystoreFile = "/app/_.cbit.com.cn.jks";//jboss
        String keystorePass = "liantiaoceshi";

        String urlStr = "https://127.0.0.1/login_queryLkBySfmc.htm";
        String charsetName = "UTF-8";
        String result = sendHttpSSLJsonMsg(keystoreFile, keystorePass, urlStr, jsonMsg, charsetName);
        System.out.println("result:" + result);

    }

    /**
     * 发送https json 携带SSL证书请求
     *
     * @param keystoreFile 证书文件
     * @param keystorePass 证书密码
     * @param urlStr       服务端地址
     * @param jsonMsg      json信息内容
     * @param charsetName  编码
     * @return ${ result 响应参数}
     */
    public static String sendHttpSSLJsonMsg(String keystoreFile, String keystorePass, String urlStr, String jsonMsg, String charsetName) throws Exception {
        try {
            if ("".equals(charsetName)) {
                charsetName = "UTF-8";
            }
            //设置可通过ip地址访问https请求
            HttpsURLConnection.setDefaultHostnameVerifier(new NullHostNameVerifier());
            // 创建SSLContext对象,并使用我们指定的信任管理器初始化
            TrustManager[] tm = {new MyX509TrustManager(keystoreFile, keystorePass)};
            SSLContext sslContext = SSLContext.getInstance("TLS");
            sslContext.init(null, tm, new java.security.SecureRandom());
            // 从上述SSLContext对象中得到SSLSocketFactory对象
            SSLSocketFactory ssf = sslContext.getSocketFactory();
            URL url = new URL(urlStr);
            HttpsURLConnection con = (HttpsURLConnection) url.openConnection();
            con.setSSLSocketFactory(ssf);
            con.setRequestMethod("POST"); // 设置以POST方式提交数据
            con.setDoInput(true); // 打开输入流,以便从服务器获取数据
            con.setDoOutput(true);// 打开输出流,以便向服务器提交数据

            PrintWriter out = new PrintWriter(new OutputStreamWriter(con.getOutputStream(), charsetName));
            //设置发送参数
            out.print(jsonMsg);
            out.flush();
            out.close();
            //读取请求返回值
            InputStreamReader in = new InputStreamReader(con.getInputStream(), charsetName);
            BufferedReader bfreader = new BufferedReader(in);
            String result = "";
            String line = "";
            while ((line = bfreader.readLine()) != null) {
                result += line;
            }
            return result;
        } catch (Exception e) {
            e.printStackTrace();
            throw e;
        }
    }
}


package com.gblfy.https;

import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/**
 * 信任管理器
 *
 * @author gblfy
 * @date 2022-10-10
 */
public class MyX509TrustManager implements X509TrustManager {

    X509TrustManager sunJSSEX509TrustManager;

    MyX509TrustManager(String keystoreFile, String pass) throws Exception {
        KeyStore ks = KeyStore.getInstance("JKS");
        ks.load(new FileInputStream(keystoreFile), pass.toCharArray());
        TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509", "SunJSSE");
        tmf.init(ks);
        TrustManager tms[] = tmf.getTrustManagers();
        for (int i = 0; i < tms.length; i++) {
            if (tms[i] instanceof X509TrustManager) {
                sunJSSEX509TrustManager = (X509TrustManager) tms[i];
                return;
            }
        }
        throw new Exception("Couldn't initialize");
    }

    @Override
    public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
        try {
            sunJSSEX509TrustManager.checkClientTrusted(chain, authType);
        } catch (CertificateException excep) {
            excep.printStackTrace();
        }
    }

    @Override
    public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
        try {
            sunJSSEX509TrustManager.checkServerTrusted(chain, authType);
        } catch (CertificateException excep) {
            excep.printStackTrace();
        }
    }

    @Override
    public X509Certificate[] getAcceptedIssuers() {
        return sunJSSEX509TrustManager.getAcceptedIssuers();
    }

}


package com.gblfy.https;

import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLSession;

/**
 * 预前检验
 *
 * @author gblfy
 * @date 2022-10-10
 */
public class NullHostNameVerifier implements HostnameVerifier {

    @Override
    public boolean verify(String hostname, SSLSession session) {
        return true;
    }
}
评论 6
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包

打赏作者

gblfy

你的鼓励将是我创作的最大动力

¥1 ¥2 ¥4 ¥6 ¥10 ¥20
扫码支付:¥1
获取中
扫码支付

您的余额不足,请更换扫码支付或充值

打赏作者

实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值