超详细HttpClient加载安全证书post请求访问https示例
(注:此测试java版本为1.7,经过测试java7以上(不含java7)的版本无需加载安全证书,也无需绕过安全证书就可以通过建立httpClient连接访问https网站,所以如果项目环境为Java7以上的小伙伴就不用考虑这些问题啦。)
最近公司爬虫项目因为一个网站的SSL证书升级问题,导致使用httpClient绕过SSL证书方法失效,因此尝试将该网站安全证书下载下来,将其加载到连接中去,经测试后成功问题解决。
- 浏览器(以chrome为例)访问https://www.apapanet.com/,点击域名左侧的小锁,可以查看该网站的证书信息,将信息证书导出,我这里保存为cer格式,路径为D:\Java\apapanet.cer。
- 接下来就是代码了,代码如下:
import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import org.apache.commons.lang3.StringUtils;
import org.apache.http.HttpStatus;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;
public class httpClient{
public static void main(String[] args) throws Exception {
// Load Certificate
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
// 这里的路径为证书存放路径
Certificate certificate = certificateFactory.generateCertificate(new FileInputStream("D:\\Java\\apapanet.cer"));
// Create TrustStore
KeyStore trustStoreContainingTheCertificate = KeyStore.getInstance("JKS");
trustStoreContainingTheCertificate.load(null, null);
// AddCertificate 第一个参数为证书别名, 可以任取
trustStoreContainingTheCertificate.setCertificateEntry("XYZ", certificate);
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(trustStoreContainingTheCertificate);
// Create SSLContext 我这里协议为TLSv1.2
SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
sslContext.init(null,trustManagerFactory.getTrustManagers(),null);
SSLConnectionSocketFactory sslConnectionSocketFactory = new SSLConnectionSocketFactory(sslContext);
// Create custom httpClient 创建自定义httpClient连接
CloseableHttpClient httpClient = HttpClients.custom().setSSLSocketFactory(sslConnectionSocketFactory).build();
try
{
// POST请求
HttpPost method = new HttpPost("https://www.apapanet.com/");
System.out.println("executing request" + method.getRequestLine());
method.setHeader("Content-type", "application/json;charset=utf-8");
method.setHeader("Accept", "application/json");
CloseableHttpResponse response = null;
response = httpClient.execute(method);
int status = response.getStatusLine().getStatusCode();
if (status == HttpStatus.SC_OK) {
String body = EntityUtils.toString(response.getEntity());
if(StringUtils.isNotBlank(body)){
System.out.println("body: "+body);
}
}
response.close();
} finally {
httpClient.close();
}
}
}
- 测试通过成功返回页面数据~~