https双向认证java


https 双向认证demo


import javax.net.ssl.*;
import java.io.*;
import java.net.URL;
import java.security.KeyStore;

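/**
 * HTTPS client for mutual (two-way) TLS authentication.
 *
 * <p>The client presents a certificate from its own key store and accepts only
 * servers whose certificate chains to an entry in the configured trust store.
 * The JDK's default hostname verification is left in place, so the server
 * certificate must also match the host name in the request URL.
 *
 * <p>The {@link SSLContext} is built on the first successful call to
 * {@link #post(Object, String)} and cached. Changing the certificate settings
 * afterwards does not rebuild it. Instances are not synchronized.
 */
public class HttpsClient {

    private final static String charset = "UTF-8";

    /*
     * Client certificate settings.
     */
    // Password of the client key store; also used as the private-key password.
    // NOTE(review): held as a String because the public accessors use String;
    // a char[] would allow the secret to be wiped after use.
    protected String clientCertPwd;
    // File system path of the client key store.
    protected String clientCertPath;
    // Key store type of the client key store.
    protected String clientKeyType = "JKS";

    /*
     * Server (trust) certificate settings.
     */
    // File system path of the trust store.
    protected String trustCertPath;
    // Password of the trust store.
    protected String truestCertPwd;
    // Key store type of the trust store.
    protected String truestKeyType = "JKS";

    // Cached context; assigned only after it has been fully initialised.
    private SSLContext sslContext;

    /**
     * Sends {@code request} as a {@code text/xml} POST body over mutually
     * authenticated TLS and returns the response body.
     *
     * <p>Response lines are concatenated without their line terminators.
     * No connect or read timeout is set on the connection.
     *
     * @param request     the request body; must be a {@link String}
     * @param requestAddr the {@code https://} URL to post to
     * @return the response body as a {@link String}, or {@code null} if the
     *         configuration is incomplete, the TLS handshake (including the
     *         hostname check) fails, or any I/O error occurs; the cause is
     *         printed to standard error
     * @throws ClassCastException if {@code request} is not a {@link String}
     */
    public Object post(Object request, String requestAddr) {
        String requestData = (String) request;
        HttpsURLConnection urlCon = null;
        try {
            SSLContext context = sslContext;
            if (context == null) {
                // Build into a local first: a failed initialisation must not
                // leave a half-initialised context cached for later calls.
                context = buildSslContext();
                sslContext = context;
            }

            byte[] payload = requestData.getBytes(charset);

            URL url = new URL(requestAddr);
            urlCon = (HttpsURLConnection) url.openConnection();
            urlCon.setDoOutput(true);
            urlCon.setDoInput(true);
            urlCon.setRequestMethod("POST");
            urlCon.setRequestProperty("Content-type", "text/xml;charset=" + charset);
            // Only the socket factory is overridden. The hostname verifier is
            // deliberately left at the JDK default: an accept-all verifier would
            // let any certificate trusted by the trust store impersonate the
            // server, and installing it as the JVM-wide default would also
            // weaken every other HttpsURLConnection in the process.
            urlCon.setSSLSocketFactory(context.getSocketFactory());

            try (OutputStream os = urlCon.getOutputStream()) {
                os.write(payload);
                os.flush();
            }

            StringBuilder response = new StringBuilder();
            try (BufferedReader reader = new BufferedReader(
                    new InputStreamReader(urlCon.getInputStream(), charset))) {
                String line;
                while ((line = reader.readLine()) != null) {
                    response.append(line);
                }
            }
            return response.toString();
        } catch (Exception e) {
            // Best-effort contract kept from the original: report and return null.
            e.printStackTrace();
            return null;
        } finally {
            closeUrlCon(urlCon);
        }
    }

    /**
     * Builds the TLS context from the configured client key store and trust store.
     *
     * @return a fully initialised context
     * @throws Exception if a setting is missing or a store cannot be loaded
     */
    private SSLContext buildSslContext() throws Exception {
        requireConfigured(clientCertPath, "clientCertPath");
        requireConfigured(clientCertPwd, "clientCertPwd");
        requireConfigured(trustCertPath, "trustCertPath");
        requireConfigured(truestCertPwd, "truestCertPwd");

        KeyStore keyStore = loadKeyStore(clientKeyType, clientCertPath, clientCertPwd);
        KeyManagerFactory kmf =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(keyStore, clientCertPwd.toCharArray());

        KeyStore trustKeyStore = loadKeyStore(truestKeyType, trustCertPath, truestCertPwd);
        TrustManagerFactory tmf =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trustKeyStore);

        // Request the "TLS" context rather than the legacy "SSL" name; the
        // protocol versions actually enabled remain governed by the JDK's
        // security configuration.
        SSLContext context = SSLContext.getInstance("TLS");
        context.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
        return context;
    }

    /**
     * Loads a key store from a file and closes the file afterwards.
     *
     * @param type     the key store type
     * @param path     the file system path of the store
     * @param password the store password
     * @return the loaded key store
     * @throws Exception if the store cannot be read or its integrity check fails
     */
    private static KeyStore loadKeyStore(String type, String path, String password)
            throws Exception {
        KeyStore store = KeyStore.getInstance(type);
        try (InputStream in = new FileInputStream(path)) {
            store.load(in, password.toCharArray());
        }
        return store;
    }

    /**
     * Fails with a message naming the missing setting. The value itself is
     * never included, so passwords do not reach the error output.
     *
     * @param value the setting to check
     * @param name  the setting's field name, used in the message
     */
    private static void requireConfigured(String value, String name) {
        if (value == null) {
            throw new IllegalStateException(name + " is not set");
        }
    }

    /**
     * Disconnects the connection if one was opened.
     *
     * @param urlCon the connection, or {@code null}
     */
    private static void closeUrlCon(HttpsURLConnection urlCon) {
        if (urlCon != null) {
            urlCon.disconnect();
        }
    }

    /** @return the trust store password */
    public String getTruestCertPwd() {
        return truestCertPwd;
    }

    /** @param truestCertPwd the trust store password */
    public void setTruestCertPwd(String truestCertPwd) {
        this.truestCertPwd = truestCertPwd;
    }

    /** @return the client key store password */
    public String getClientCertPwd() {
        return clientCertPwd;
    }

    /** @param clientCertPwd the client key store password */
    public void setClientCertPwd(String clientCertPwd) {
        this.clientCertPwd = clientCertPwd;
    }

    /** @return the path of the client key store */
    public String getClientCertPath() {
        return clientCertPath;
    }

    /** @param clientCertPath the path of the client key store */
    public void setClientCertPath(String clientCertPath) {
        this.clientCertPath = clientCertPath;
    }

    /** @return the path of the trust store */
    public String getTrustCertPath() {
        return trustCertPath;
    }

    /** @param trustCertPath the path of the trust store */
    public void setTrustCertPath(String trustCertPath) {
        this.trustCertPath = trustCertPath;
    }

    /** @return the key store type of the trust store */
    public String getTruestKeyType() {
        return truestKeyType;
    }

    /** @param truestKeyType the key store type of the trust store */
    public void setTruestKeyType(String truestKeyType) {
        this.truestKeyType = truestKeyType;
    }

    /** @return the key store type of the client key store */
    public String getClientKeyType() {
        return clientKeyType;
    }

    /** @param clientKeyType the key store type of the client key store */
    public void setClientKeyType(String clientKeyType) {
        this.clientKeyType = clientKeyType;
    }
}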


转载自blog.csdn.net/zpcandzhj/article/details/82077763