HTPPS请求 证书 解决方案
2024-05-13 05:40:46
1.忽略证书
public static String sendGetByProxy(String url, String param, String encode,String host,int port) throws Exception {String result = "";BufferedReader in = null;String urlNameString = url + "?" + param;URL realUrl = new URL(urlNameString);if("https".equalsIgnoreCase(realUrl.getProtocol())){SslUtils.ignoreSsl();}Proxy proxy = new Proxy(Proxy.Type.HTTP, new InetSocketAddress(host, port)); URLConnection connection = (URLConnection) realUrl.openConnection(proxy);// 设置通用的请求属性connection.setRequestProperty("accept", "*/*");connection.setRequestProperty("connection", "Keep-Alive");connection.setRequestProperty("user-agent","Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;SV1)");connection.setConnectTimeout(3000);connection.setReadTimeout(3000);// 建立实际的连接connection.connect();in = new BufferedReader(new InputStreamReader(connection.getInputStream(),encode));String line;while ((line = in.readLine()) != null) {result += line;}try {if (in != null) {in.close();}} catch (Exception e2) {e2.printStackTrace();}return result;}import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
public class SslUtils {private static void trustAllHttpsCertificates() throws Exception {TrustManager[] trustAllCerts = new TrustManager[1];TrustManager tm = new miTM();trustAllCerts[0] = tm;SSLContext sc = SSLContext.getInstance("SSL");sc.init(null, trustAllCerts, null);HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());}static class miTM implements TrustManager,X509TrustManager {public X509Certificate[] getAcceptedIssuers() {return null;}public boolean isServerTrusted(X509Certificate[] certs) {return true;}public boolean isClientTrusted(X509Certificate[] certs) {return true;}public void checkServerTrusted(X509Certificate[] certs, String authType)throws CertificateException {return;}public void checkClientTrusted(X509Certificate[] certs, String authType)throws CertificateException {return;}}/*** 忽略HTTPS请求的SSL证书,必须在openConnection之前调用* @throws Exception*/public static void ignoreSsl() throws Exception{HostnameVerifier hv = new HostnameVerifier() {public boolean verify(String urlHostName, SSLSession session) {System.out.println("Warning: URL Host: " + urlHostName + " vs. " + session.getPeerHost());return true;}};trustAllHttpsCertificates();HttpsURLConnection.setDefaultHostnameVerifier(hv);}
}2.安装证书
2.1 代码
public static void main(String[] args) throws Exception {String host = "";int port = 8888;// 创建SSLContext对象,并使用我们指定的信任管理器初始化 TrustManager[] tm = { new MyX509TrustManager() }; SSLContext sslContext = SSLContext.getInstance("SSL", "SunJSSE"); sslContext.init(null, tm, new java.security.SecureRandom()); // 从上述SSLContext对象中得到SSLSocketFactory对象 SSLSocketFactory ssf = sslContext.getSocketFactory(); // 创建URL对象 URL myURL = new URL(""); // 创建HttpsURLConnection对象,并设置其SSLSocketFactory对象 Proxy proxy = new Proxy(Proxy.Type.HTTP, new InetSocketAddress(host, port)); HttpsURLConnection httpsConn = (HttpsURLConnection) myURL.openConnection(proxy); httpsConn.setSSLSocketFactory(ssf); // 取得该连接的输入流,以读取响应内容 InputStreamReader insr = new InputStreamReader(httpsConn.getInputStream()); // 读取服务器的响应内容并显示 int respInt = insr.read(); while (respInt != -1) { System.out.print((char) respInt); respInt = insr.read(); } import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;import com.jfinal.kit.PathKit;
public class MyX509TrustManager implements X509TrustManager { /* * The default X509TrustManager returned by SunX509. We'll delegate * decisions to it, and fall back to the logic in this class if the * default X509TrustManager doesn't trust it. */ X509TrustManager sunJSSEX509TrustManager; MyX509TrustManager() throws Exception { // create a "default" JSSE X509TrustManager. KeyStore ks = KeyStore.getInstance("JKS"); ks.load(new FileInputStream(PathKit.getWebRootPath()+"/media/static/swzj.jks"), "987321".toCharArray()); TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509", "SunJSSE"); tmf.init(ks); TrustManager tms [] = tmf.getTrustManagers(); /* * Iterate over the returned trustmanagers, look * for an instance of X509TrustManager. If found, * use that as our "default" trust manager. */ for (int i = 0; i < tms.length; i++) { if (tms[i] instanceof X509TrustManager) { sunJSSEX509TrustManager = (X509TrustManager) tms[i]; return; } } /* * Find some other way to initialize, or else we have to fail the * constructor. */ throw new Exception("Couldn't initialize"); } /* * Delegate to the default trust manager. */ public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { try { sunJSSEX509TrustManager.checkClientTrusted(chain, authType); } catch (CertificateException excep) { // do any special handling here, or rethrow exception. } } /* * Delegate to the default trust manager. */ public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { try { sunJSSEX509TrustManager.checkServerTrusted(chain, authType); } catch (CertificateException excep) { /* * Possibly pop up a dialog box asking whether to trust the * cert chain. */ } } /* * Merely pass this through. */ public X509Certificate[] getAcceptedIssuers() { return sunJSSEX509TrustManager.getAcceptedIssuers(); }
} 2.2 证书导入jks文件
实例:P7B格式证书(证书链)导入jks文件
2.2.1 安装证书
2.2.2 导出cer格式,p7b证书,包含根证书和子证书。分别导出为 根rootca.cer和子rootcaserver.cer。
2.2.3 使用java keytool工具(jdk bin目录) 将证书 分别导入 jks文件,遇到是否信任该证书提示时,输入y。(keytool无法直接导入p7b文件)
是否信任此证书? [否]: y
证书已添加到密钥库中C:\Program Files\Java\jdk1.7.0_80\bin>keytool -import -alias rootcaserver -trustcacerts -file d:/rootcaserver.cer -keystore d:/test.jks
输入密钥库口令:
证书已添加到密钥库中C:\Program Files\Java\jdk1.7.0_80\bin>keytool -import -alias rootcaserver -trustcacerts -file d:/rootcaserver.cer -keystore d:/test.jksHTPPS请求 证书 解决方案相关推荐
- 证书服务器web注册,无法通过 Web 注册请求证书 - Windows Server | Microsoft Docs
无法使用 Web 注册请求证书 09/11/2020 本文内容 本文针对使用 Web 注册无法请求证书的问题提供了解决方案. 适用于: WindowsServer 2008 R2 Service P ...
- jquery ajax多次请求接口解决方案
jquery ajax多次请求接口解决方案 参考文章: (1)jquery ajax多次请求接口解决方案 (2)https://www.cnblogs.com/DreamLiFeng/p/100088 ...
- fiddler无法抓取chrome浏览器请求的解决方案之关闭代理软件
fiddler无法抓取chrome浏览器请求的解决方案之关闭代理软件 参考文章: (1)fiddler无法抓取chrome浏览器请求的解决方案之关闭代理软件 (2)https://www.cnblog ...
- 第四节:跨域请求的解决方案和WebApi特有的处理方式
一. 简介 前言: 跨域问题发生在Javascript发起Ajax调用,其根本原因是因为浏览器对于这种请求,所给予的权限是较低的,通常只允许调用本域中的资源, 除非目标服务器明确地告知它允许跨域调用. ...
- 第十八节:跨域请求的解决方案和WebApi特有的处理方式
一. 简介 前言: 跨域问题发生在Javascript发起Ajax调用,其根本原因是因为浏览器对于这种请求,所给予的权限是较低的,通常只允许调用本域中的资源, 除非目标服务器明确地告知它允许跨域调用. ...
- ajax请求 304解决方案:
vue+elementUI项目,在win10系统的IE11浏览器运行, F12爆出几个问题: 此页上的代码禁用了反向和正向缓存 script 未知错误 304 not modified 304 Not ...
- JQuery的Ajax跨域请求的解决方案
JQuery的Ajax跨域请求的解决方案 参考文章: (1)JQuery的Ajax跨域请求的解决方案 (2)https://www.cnblogs.com/amylis_chen/p/4703735. ...
- axios请求中跨域及post请求问题解决方案
axios请求中跨域及post请求问题解决方案 参考文章: (1)axios请求中跨域及post请求问题解决方案 (2)https://www.cnblogs.com/lalalagq/p/99170 ...
- Electron使用时拦截HTTP请求的解决方案
Electron使用时拦截HTTP请求的解决方案 参考文章: (1)Electron使用时拦截HTTP请求的解决方案 (2)https://www.cnblogs.com/Amar/p/1105101 ...
最新文章
- 数学帅才克莱因及其启示
- selenium测试(Java)--鼠标事件(六)
- Vue012_ 自定义插件
- 如何查看python安装路径
- Objective-C Runtime 运行时之四:Method Swizzling
- Oracle行转列、列转行的Sql语句总结
- C1. Simple Polygon Embedding(计算几何)
- 【高效工作】Sublime Text 3 美化
- 颜值大比拼,用数据告诉你中国哪里美女多?
- 台式计算机如何上无线网络,台式电脑如何实现无线上网
- 微信小程序中显示HTML格式内容的实例
- Recheck Cond filter IO\CPU放大 原理与优化CASE - 含 超级大表 不包含(反选) SQL优化
- GDR(Gradual Decoder Refresh)帧
- 02-PDI(Kettle)导入与导出
- 2094 找出 3 位偶数
- 一碗酸爽面-倒在黎明前
- 内蒙古中考计算机考试知识点总结,内蒙古包头中考语文备考分析及知识总结.doc...
- 电视hdr测试软件,4K电视HDR尽量选择yuv,效果最好,有效解决HDR下画面发白!
- 几何代数(Geometric Algebra 也叫克利福德代数 Clifford Algebra)简介
- Android 屏幕方向以及UI界面状态的保存