https 证书

1.引入包

pom.xml

<groupId>com.squareup.okhttp3</groupId>

<artifactId>okhttp</artifactId>

</dependency>

2.https请求需要证书，和忽略证书

import java.io.IOException;

import java.io.InputStream;

import java.security.GeneralSecurityException;

import java.security.KeyStore;

import java.security.SecureRandom;

import java.security.cert.Certificate;

import java.security.cert.CertificateException;

import java.security.cert.CertificateFactory;

import java.security.cert.X509Certificate;

import java.util.Collection;

import javax.net.ssl.HostnameVerifier;

import javax.net.ssl.KeyManager;

import javax.net.ssl.KeyManagerFactory;

import javax.net.ssl.SSLContext;

import javax.net.ssl.SSLSession;

import javax.net.ssl.TrustManager;

import javax.net.ssl.TrustManagerFactory;

import javax.net.ssl.X509TrustManager;

import okhttp3.Headers;

import okhttp3.MediaType;

import okhttp3.OkHttpClient;

import okhttp3.Request;

import okhttp3.RequestBody;

import okhttp3.Response;

import okio.Buffer;

public final class ToolHttps {

private final OkHttpClient client;

public static final MediaType MEDIA_TYPE_FORM = MediaType.parse("application/x-www-form-urlencoded; charset=utf-8");

public ToolHttps(String sinowaycredit_cer) {

SSLContext sslContext = null;

if(sinowaycredit_cer !=null && !sinowaycredit_cer.equals("")){

sinowaycredit_cer = sinowaycredit_cer.replace("\\\\n", "\n");

sslContext = sslContextForTrustedCertificates(trustedCertificatesInputStream(sinowaycredit_cer));

}else{

try{

sslContext = SSLContext.getInstance("SSL");

sslContext.init(new KeyManager[0], new TrustManager[] { new X509TrustManager() {

@Override

public void checkClientTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {

}

@Override

public void checkServerTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {

}

@Override

public X509Certificate[] getAcceptedIssuers() {

return null;

}

} }, new SecureRandom());

}catch(Exception e){

e.printStackTrace();

}

client = new OkHttpClient.Builder().sslSocketFactory(sslContext.getSocketFactory()).hostnameVerifier(new TrustAllHostNameVerifier()).build();

}

public static class TrustAllHostNameVerifier implements HostnameVerifier {

public boolean verify(String hostname, SSLSession session) {

return true;

}

public String doHttpsPost(String url, String content, String token) throws Exception {

RequestBody formBody = new okhttp3.FormBody.Builder().add("data", content).add("token", token).build();

Request request = new Request.Builder().url(url).post(formBody).build();

Response response = client.newCall(request).execute();

if (!response.isSuccessful())

throw new IOException("Unexpected code " + response);

Headers responseHeaders = response.headers();

for (int i = 0; i < responseHeaders.size(); i++) {

System.out.println(responseHeaders.name(i) + ": " + responseHeaders.value(i));

}

String ret = response.body().string();

System.out.println(ret);

return ret;

}

// keytool -printcert -rfc -file sinowaycredit.cer > sinowaycredit.cer.txt

// 将字符串形式的证书转成stream

private InputStream trustedCertificatesInputStream(String sinowaycredit_cer) {

System.out.println(sinowaycredit_cer);

return new Buffer()

// .writeUtf8(comodoRsaCertificationAuthority)

// .writeUtf8(entrustRootCertificateAuthority)

.writeUtf8(sinowaycredit_cer).inputStream();

}

// 组装sslfactory

public SSLContext sslContextForTrustedCertificates(InputStream in) {

try {

CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");

Collection<? extends Certificate> certificates = certificateFactory.generateCertificates(in);

if (certificates.isEmpty()) {

throw new IllegalArgumentException("expected non-empty set of trusted certificates");

}

// Put the certificates a key store.

char[] password = "password".toCharArray(); // Any password will

// work.

KeyStore keyStore = newEmptyKeyStore(password);

int index = 0;

for (Certificate certificate : certificates) {

String certificateAlias = Integer.toString(index++);

keyStore.setCertificateEntry(certificateAlias, certificate);

}

// Wrap it up in an SSL context.

KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());

keyManagerFactory.init(keyStore, password);

TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());

trustManagerFactory.init(keyStore);

SSLContext sslContext = SSLContext.getInstance("TLS");

sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), new SecureRandom());

return sslContext;

} catch (GeneralSecurityException e) {

throw new RuntimeException(e);

}

private KeyStore newEmptyKeyStore(char[] password) throws GeneralSecurityException {

try {

KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());

InputStream in = null; // By convention, 'null' creates an empty key

// store.

keyStore.load(in, password);

return keyStore;

} catch (IOException e) {

throw new AssertionError(e);

}

public void run() throws Exception {

String url = "https://mgw.p*****.com.cn/toa-cbcs/rest/JXL/callback";

RequestBody formBody = new okhttp3.FormBody.Builder().add("data", "{\"APP_IDCARD_NO\":\"330719196804253671\",\"APP_PHONE_NO\":\"15601719880\",\"JSON_INFO\":\"value\"}").add("token", "token_test").build();

Request request = new Request.Builder().url(url).post(formBody).build();

Response response = client.newCall(request).execute();

if (!response.isSuccessful())

throw new IOException("Unexpected code " + response);

Headers responseHeaders = response.headers();

for (int i = 0; i < responseHeaders.size(); i++) {

System.out.println(responseHeaders.name(i) + ": " + responseHeaders.value(i));

}

System.out.println(response.body().string());

}

//试试看

public static void main(String... args) throws Exception {

//sslcode 为空，则忽略证书

String sslcode ="-----BEGIN CERTIFICATE-----\n MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT\n MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i\n YWwgQ0EwHhcNMDIwNTIxMDQwMDAwWhcNMjIwNTIxMDQwMDAwWjBCMQswCQYDVQQG\n EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMSR2VvVHJ1c3Qg\n R2xvYmFsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2swYYzD9\n 9BcjGlZ+W988bDjkcbd4kdS8odhM+KhDtgPpTSEHCIjaWC9mOSm9BXiLnTjoBbdq\n fnGk5sRgprDvgOSJKA+eJdbtg/OtppHHmMlCGDUUna2YRpIuT8rxh0PBFpVXLVDv\n iS2Aelet8u5fa9IAjbkU+BQVNdnARqN7csiRv8lVK83Qlz6cJmTM386DGXHKTubU\n 1XupGc1V3sjs0l44U+VcT4wt/lAjNvxm5suOpDkZALeVAjmRCw7+OC7RHQWa9k0+\n bw8HHa8sHo9gOeL6NlMTOdReJivbPagUvTLrGAMoUgRx5aszPeE4uwc2hGKceeoW\n MPRfwCvocWvk+QIDAQABo1MwUTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTA\n ephojYn7qwVkDBF9qn1luMrMTjAfBgNVHSMEGDAWgBTAephojYn7qwVkDBF9qn1l\n uMrMTjANBgkqhkiG9w0BAQUFAAOCAQEANeMpauUvXVSOKVCUn5kaFOSPeCpilKIn\n Z57QzxpeR+nBsqTP3UEaBU6bS+5Kb1VSsyShNwrrZHYqLizz/Tt1kL/6cdjHPTfS\n tQWVYrmm3ok9Nns4d0iXrKYgjy6myQzCsplFAMfOEVEiIuCl6rYVSAlk6l5PdPcF\n PseKUgzbFbS9bZvlxrFUaKnjaZC2mqUPuLk/IH2uSrW4nOQdtqvmlKXBx4Ot2/Un\n hw4EbNX/3aBd7YdStysVAq45pmp06drE57xNNB6pXE0zX5IJL4hmXXeXxx12E6nV\n 5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvmMw==\n -----END CERTIFICATE-----\n ";

new ToolHttps(sslcode).run();

}

猜你喜欢