原理是认为所有的网站都是可信的。
使用的包情况:
<!-- http client --> <dependency> <groupId>commons-httpclient</groupId> <artifactId>commons-httpclient</artifactId> <version>3.1</version> </dependency> <dependency> <groupId>org.apache.httpcomponents</groupId> <artifactId>httpcore</artifactId> <version>4.3.3</version> </dependency> <dependency> <groupId>org.apache.commons</groupId> <artifactId>commons-io</artifactId> <version>1.3.2</version> </dependency> <dependency> <groupId>org.apache.httpcomponents</groupId> <artifactId>httpclient</artifactId> <version>4.3.6</version> </dependency>
实例代码:
package com.my.uitls;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.apache.http.HttpEntity;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.util.EntityUtils;
import org.json.JSONObject;
public class NewSSLClient {
public static void main(String[] args) throws Exception {
//初始化
String url="https://39.156.1.100";
JSONObject json = new JSONObject();
json.put("username", "guest");
json.put("password", "123");
String params=json.toString();
String responseContent = null;
//实现部分
HttpClientBuilder builder = HttpClientBuilder.create();
SSLContext ctx = SSLContext.getInstance("TLS");
//核心部分
X509TrustManager tm = new X509TrustManager() {
public void checkClientTrusted(X509Certificate[] chain,
String authType) throws CertificateException {
}
public void checkServerTrusted(X509Certificate[] chain,
String authType) throws CertificateException {
}
public X509Certificate[] getAcceptedIssuers() {
return null;
}
};
ctx.init(null, new TrustManager[]{tm}, null);
builder.setSslcontext(ctx);
SSLConnectionSocketFactory factory = new SSLConnectionSocketFactory(ctx,SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
builder.setSSLSocketFactory(factory);
CloseableHttpClient client = builder.build();
HttpPost httpPost = new HttpPost(url);
httpPost.setHeader("Content-Type", "application/json;charset=UTF-8");
StringEntity se = new StringEntity(params);
se.setContentType("text/json");
RequestConfig requestConfig = RequestConfig.custom()//
.setSocketTimeout(1000)//
.setConnectTimeout(1000)//
.build();// 设置请求和传输超时时间
httpPost.setEntity(se);
httpPost.setConfig(requestConfig);
CloseableHttpResponse response = client.execute(httpPost);
HttpEntity entity = response.getEntity();
if(response.getStatusLine().getStatusCode()==200) {
//请求成功
responseContent = EntityUtils.toString(entity, "UTF-8");
}else{
responseContent = null;
}
System.out.println(responseContent);
}
}