http系列 - SSL请求,需要JKS证书的情况,如何做连接

2024-05-09 17:38
文章标签 需要 连接 http 请求 系列 证书 情况 ssl jks

本文主要是介绍http系列 - SSL请求,需要JKS证书的情况,如何做连接,希望对大家解决编程问题提供一定的参考价值,需要的开发者们随着小编来一起学习吧!

 有些响应https请求的接口,需要在客户端添加证书的情况,其目的是加密在网络之间传输的请求报文,保证信息安全;

 

证书的加密方式多种多样,本案例以JKS加密的证书为例:

1.获取证书私钥PrivateKey 

private static PrivateKey getPrivateKey(String priKeyFile, String storePassword) throws Exception {char[] storePwdArr;int i;BufferedInputStream bis = null;try {KeyStore ks = KeyStore.getInstance("JKS");//加载证书FileInputStream fis = new FileInputStream(priKeyFile);bis = new BufferedInputStream(fis);//证书中的加密keyString storeAlias = "signKey";storePwdArr = new char[storePassword.length()];// store passwordfor (i = 0; i < storePassword.length(); i++) {storePwdArr[i] = storePassword.charAt(i);}ks.load(bis, storePwdArr);PrivateKey priv = (PrivateKey) ks.getKey(storeAlias, storePwdArr);return priv;} catch (KeyStoreException e) {e.printStackTrace();throw new Exception("1");} catch (FileNotFoundException e) {e.printStackTrace();throw new Exception("2", e);} catch (NoSuchAlgorithmException e) {e.printStackTrace();throw new Exception("3", e);} catch (CertificateException e) {e.printStackTrace();throw new Exception("4", e);} catch (IOException e) {e.printStackTrace();throw new Exception("5", e);} catch (UnrecoverableKeyException e) {e.printStackTrace();throw new Exception("6", e);} finally {if (bis != null) {try {bis.close();} catch (IOException e) {e.printStackTrace();}}}}

SSL实现(HTTP请求):

1.请求构建:

import java.io.BufferedReader;
import java.io.ByteArrayOutputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.HttpURLConnection;
import java.net.URL;import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.HttpConnectionManager;
import org.apache.commons.httpclient.HttpException;
import org.apache.commons.httpclient.MultiThreadedHttpConnectionManager;
import org.apache.commons.httpclient.methods.ByteArrayRequestEntity;
import org.apache.commons.httpclient.methods.PostMethod;
import org.apache.commons.httpclient.methods.RequestEntity;
import org.apache.commons.httpclient.params.HttpConnectionManagerParams;
import org.apache.commons.httpclient.protocol.Protocol;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;/*** HTTP请求* */
public class HttpRequestUtil
{final static String PROTOCOL_NAME = "https";private static final Logger logger = LoggerFactory.getLogger(HttpRequestUtil.class);public static String sendJsonWithHttp(String surl, String json) throws Exception{URL url = new URL(surl);HttpURLConnection conn = (HttpURLConnection) url.openConnection();conn.setRequestProperty("Content-Type", "application/json;charset=utf-8");conn.setRequestMethod("POST");// 提交模式conn.setRequestProperty("Content-Length", json.getBytes().length + "");conn.setConnectTimeout(100000);// 连接超时单位毫秒 //conn.setReadTimeout(200000);// 读取超时 单位毫秒conn.setDoOutput(true);// 是否输入参数conn.setDoInput(true);conn.setUseCaches(false);conn.connect();DataOutputStream out = new DataOutputStream(conn.getOutputStream());out.write(json.getBytes());out.flush();out.close();BufferedReader reader = new BufferedReader(new InputStreamReader(conn.getInputStream()));StringBuffer sb = new StringBuffer();String line;while ((line = reader.readLine()) != null){sb.append(line);}reader.close();conn.disconnect();return sb.toString();}public static  String https(String surl, String json){HttpClient client =getHttpClient();client.getParams().setContentCharset("UTF-8");PostMethod post = new PostMethod(surl);ByteArrayOutputStream baos = new ByteArrayOutputStream();Protocol httpProtocol;try {//声明协议类型httpProtocol = new Protocol(PROTOCOL_NAME, new SSLProtocolSocketFactory(false), 443);Protocol.registerProtocol(PROTOCOL_NAME, httpProtocol);//声明报文格式post.setRequestHeader("Content-Type", "application/json;charset=utf-8");RequestEntity requestEntity = null;requestEntity = new ByteArrayRequestEntity(json.getBytes("utf-8"));post.setRequestEntity(requestEntity);//执行调用client.executeMethod(post);String off = "ON";InputStream in = null;in = post.getResponseBodyAsStream();byte[] buf = new byte[2048];do{int n = in.read(buf);;if (n > 0){baos.write(buf, 0, n);}else if (n <= 0){break;}} while (true);}catch (HttpException e) {  logger.info("http exception when send http.", e);  } catch (IOException e) {  logger.info("io exception when send http.", e);  }finally {post.releaseConnection(); httpProtocol=null;}return baos.toString();}private static HttpClient httpClient=null;public static  HttpClient getHttpClient(){if(httpClient==null){HttpConnectionManager httpConnectionManager = new MultiThreadedHttpConnectionManager();HttpConnectionManagerParams params = httpConnectionManager.getParams();params.setConnectionTimeout(1000*60); params.setSoTimeout(20000); //避免异常的两行diamanteparams.setDefaultMaxConnectionsPerHost(1000);params.setMaxTotalConnections(2000);httpClient = new HttpClient(httpConnectionManager);}return httpClient;}
}

2.SSLProtocolSocketFactory必不可少

import java.io.IOException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.net.SocketAddress;
import java.net.UnknownHostException;import javax.net.SocketFactory;import org.apache.commons.httpclient.ConnectTimeoutException;
import org.apache.commons.httpclient.params.HttpConnectionParams;
import org.apache.commons.httpclient.protocol.ProtocolSocketFactory;/*** */
public class SSLProtocolSocketFactory implements ProtocolSocketFactory {private boolean isChkCert;public SSLProtocolSocketFactory(boolean chkCert) {this.isChkCert = chkCert;}@Overridepublic Socket createSocket(String host, int port, InetAddress localAddress, int localPort, HttpConnectionParams params) throws IOException, UnknownHostException, ConnectTimeoutException {if (params == null) {throw new IllegalArgumentException("Parameters may not be null!");}int timeout = params.getConnectionTimeout();SocketFactory socketFactory = SSLContextFactory.getInstance(this.isChkCert).getSocketFactory();if (timeout == 0) {return createSocket(host, port, localAddress, localPort);}Socket socket = socketFactory.createSocket();SocketAddress localAddress_ = new InetSocketAddress(localAddress, localPort);SocketAddress remoteAddress = new InetSocketAddress(host, port);socket.bind(localAddress_);socket.connect(remoteAddress, timeout);return socket;}@Overridepublic Socket createSocket(String host, int port, InetAddress localAddress, int localPort) throws IOException, UnknownHostException {return SSLContextFactory.getInstance(this.isChkCert).getSocketFactory().createSocket(host, port, localAddress, localPort);}@Overridepublic Socket createSocket(String host, int port) throws IOException, UnknownHostException {return SSLContextFactory.getInstance(this.isChkCert).getSocketFactory().createSocket(host, port);}
}

3.SSLContextFactory 

import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;import org.slf4j.Logger;
import org.slf4j.LoggerFactory;/*** */
public class SSLContextFactory {private static final Logger logger = LoggerFactory.getLogger(SSLContextFactory.class);private static SSLContext ctx;private final static String PROTOCAL_NAME = "SSL";public static SSLContext getInstance(boolean chkCert) {if (ctx == null) {try {ctx = SSLContext.getInstance(PROTOCAL_NAME);if (chkCert) {logger.error("请实现证书信任连接!");} else {ctx.init(null, new TrustManager[] {new TrustAnyTrustManager()}, new SecureRandom());}} catch (NoSuchAlgorithmException e) {e.printStackTrace();} catch (KeyManagementException e) {e.printStackTrace();}return ctx;}return ctx;}
}

 

 

 

这篇关于http系列 - SSL请求,需要JKS证书的情况,如何做连接的文章就介绍到这儿,希望我们推荐的文章对编程师们有所帮助!


http://www.chinasem.cn/article/974055

相关文章

C#连接SQL server数据库命令的基本步骤

C#连接SQL server数据库命令的基本步骤

《C#连接SQLserver数据库命令的基本步骤》文章讲解了连接SQLServer数据库的步骤,包括引入命名空间、构建连接字符串、使用SqlConnection和SqlCommand执行SQL操作,... 目录建议配合使用:如何下载和安装SQL server数据库-CSDN博客1. 引入必要的命名空间2.
阅读更多...
Java通过驱动包(jar包)连接MySQL数据库的步骤总结及验证方式

Java通过驱动包(jar包)连接MySQL数据库的步骤总结及验证方式

《Java通过驱动包(jar包)连接MySQL数据库的步骤总结及验证方式》本文详细介绍如何使用Java通过JDBC连接MySQL数据库,包括下载驱动、配置Eclipse环境、检测数据库连接等关键步骤,... 目录一、下载驱动包二、放jar包三、检测数据库连接JavaJava 如何使用 JDBC 连接 mys
阅读更多...
Qt使用QSqlDatabase连接MySQL实现增删改查功能

Qt使用QSqlDatabase连接MySQL实现增删改查功能

《Qt使用QSqlDatabase连接MySQL实现增删改查功能》这篇文章主要为大家详细介绍了Qt如何使用QSqlDatabase连接MySQL实现增删改查功能,文中的示例代码讲解详细,感兴趣的小伙伴... 目录一、创建数据表二、连接mysql数据库三、封装成一个完整的轻量级 ORM 风格类3.1 表结构
阅读更多...
MySQL中的表连接原理分析

MySQL中的表连接原理分析

《MySQL中的表连接原理分析》:本文主要介绍MySQL中的表连接原理分析,具有很好的参考价值,希望对大家有所帮助,如有错误或未考虑完全的地方,望不吝赐教... 目录1、背景2、环境3、表连接原理【1】驱动表和被驱动表【2】内连接【3】外连接【4编程】嵌套循环连接【5】join buffer4、总结1、背景
阅读更多...
springboot如何通过http动态操作xxl-job任务

springboot如何通过http动态操作xxl-job任务

《springboot如何通过http动态操作xxl-job任务》:本文主要介绍springboot如何通过http动态操作xxl-job任务的问题,具有很好的参考价值,希望对大家有所帮助,如有错... 目录springboot通过http动态操作xxl-job任务一、maven依赖二、配置文件三、xxl-
阅读更多...
SpringBoot连接Redis集群教程

SpringBoot连接Redis集群教程

《SpringBoot连接Redis集群教程》:本文主要介绍SpringBoot连接Redis集群教程,具有很好的参考价值,希望对大家有所帮助,如有错误或未考虑完全的地方,望不吝赐教... 目录1. 依赖2. 修改配置文件3. 创建RedisClusterConfig4. 测试总结1. 依赖 <de
阅读更多...
javax.net.ssl.SSLHandshakeException:异常原因及解决方案

javax.net.ssl.SSLHandshakeException:异常原因及解决方案

《javax.net.ssl.SSLHandshakeException:异常原因及解决方案》javax.net.ssl.SSLHandshakeException是一个SSL握手异常,通常在建立SS... 目录报错原因在程序中绕过服务器的安全验证注意点最后多说一句报错原因一般出现这种问题是因为目标服务器
阅读更多...
Maven 配置中的 <mirror>绕过 HTTP 阻断机制的方法

Maven 配置中的 <mirror>绕过 HTTP 阻断机制的方法

《Maven配置中的<mirror>绕过HTTP阻断机制的方法》:本文主要介绍Maven配置中的<mirror>绕过HTTP阻断机制的方法,本文给大家分享问题原因及解决方案,感兴趣的朋友一... 目录一、问题场景:升级 Maven 后构建失败二、解决方案:通过 <mirror> 配置覆盖默认行为1. 配置示
阅读更多...
Linux中修改Apache HTTP Server(httpd)默认端口的完整指南

Linux中修改Apache HTTP Server(httpd)默认端口的完整指南

《Linux中修改ApacheHTTPServer(httpd)默认端口的完整指南》ApacheHTTPServer(简称httpd)是Linux系统中最常用的Web服务器之一,本文将详细介绍如何... 目录一、修改 httpd 默认端口的步骤1. 查找 httpd 配置文件路径2. 编辑配置文件3. 保存
阅读更多...
java连接opcua的常见问题及解决方法

java连接opcua的常见问题及解决方法

《java连接opcua的常见问题及解决方法》本文将使用EclipseMilo作为示例库,演示如何在Java中使用匿名、用户名密码以及证书加密三种方式连接到OPCUA服务器,若需要使用其他SDK,原理... 目录一、前言二、准备工作三、匿名方式连接3.1 匿名方式简介3.2 示例代码四、用户名密码方式连接4
阅读更多...

Copyright China编程 23002807@qq.com

沪ICP备2023033072号-2