1.引入包
pom.xml
<dependency>
<groupId>com.squareup.okhttp3</groupId>
<artifactId>okhttp</artifactId>
<version>3.0.0-RC1</version>
</dependency>
2.https请求需要证书,和忽略证书
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Collection;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import okhttp3.Headers;
import okhttp3.MediaType;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.RequestBody;
import okhttp3.Response;
import okio.Buffer;
public final class ToolHttps {
private final OkHttpClient client;
public static final MediaType MEDIA_TYPE_FORM = MediaType.parse("application/x-www-form-urlencoded; charset=utf-8");
public ToolHttps(String sinowaycredit_cer) {
SSLContext sslContext = null;
if(sinowaycredit_cer !=null && !sinowaycredit_cer.equals("")){
sinowaycredit_cer = sinowaycredit_cer.replace("\\\\n", "\n");
sslContext = sslContextForTrustedCertificates(trustedCertificatesInputStream(sinowaycredit_cer));
}else{
try{
sslContext = SSLContext.getInstance("SSL");
sslContext.init(new KeyManager[0], new TrustManager[] { new X509TrustManager() {
@Override
public void checkClientTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {
}
@Override
public void checkServerTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return null;
}
} }, new SecureRandom());
}catch(Exception e){
e.printStackTrace();
}
}
client = new OkHttpClient.Builder().sslSocketFactory(sslContext.getSocketFactory()).hostnameVerifier(new TrustAllHostNameVerifier()).build();
}
public static class TrustAllHostNameVerifier implements HostnameVerifier {
public boolean verify(String hostname, SSLSession session) {
return true;
}
}
public String doHttpsPost(String url, String content, String token) throws Exception {
RequestBody formBody = new okhttp3.FormBody.Builder().add("data", content).add("token", token).build();
Request request = new Request.Builder().url(url).post(formBody).build();
Response response = client.newCall(request).execute();
if (!response.isSuccessful())
throw new IOException("Unexpected code " + response);
Headers responseHeaders = response.headers();
for (int i = 0; i < responseHeaders.size(); i++) {
System.out.println(responseHeaders.name(i) + ": " + responseHeaders.value(i));
}
String ret = response.body().string();
System.out.println(ret);
return ret;
}
// keytool -printcert -rfc -file sinowaycredit.cer > sinowaycredit.cer.txt
// 将字符串形式的证书转成stream
private InputStream trustedCertificatesInputStream(String sinowaycredit_cer) {
System.out.println(sinowaycredit_cer);
return new Buffer()
// .writeUtf8(comodoRsaCertificationAuthority)
// .writeUtf8(entrustRootCertificateAuthority)
.writeUtf8(sinowaycredit_cer).inputStream();
}
// 组装sslfactory
public SSLContext sslContextForTrustedCertificates(InputStream in) {
try {
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
Collection<? extends Certificate> certificates = certificateFactory.generateCertificates(in);
if (certificates.isEmpty()) {
throw new IllegalArgumentException("expected non-empty set of trusted certificates");
}
// Put the certificates a key store.
char[] password = "password".toCharArray(); // Any password will
// work.
KeyStore keyStore = newEmptyKeyStore(password);
int index = 0;
for (Certificate certificate : certificates) {
String certificateAlias = Integer.toString(index++);
keyStore.setCertificateEntry(certificateAlias, certificate);
}
// Wrap it up in an SSL context.
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(keyStore, password);
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(keyStore);
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), new SecureRandom());
return sslContext;
} catch (GeneralSecurityException e) {
throw new RuntimeException(e);
}
}
private KeyStore newEmptyKeyStore(char[] password) throws GeneralSecurityException {
try {
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
InputStream in = null; // By convention, 'null' creates an empty key
// store.
keyStore.load(in, password);
return keyStore;
} catch (IOException e) {
throw new AssertionError(e);
}
}
public void run() throws Exception {
String url = "https://mgw.p*****.com.cn/toa-cbcs/rest/JXL/callback";
RequestBody formBody = new okhttp3.FormBody.Builder().add("data", "{\"APP_IDCARD_NO\":\"330719196804253671\",\"APP_PHONE_NO\":\"15601719880\",\"JSON_INFO\":\"value\"}").add("token", "token_test").build();
Request request = new Request.Builder().url(url).post(formBody).build();
Response response = client.newCall(request).execute();
if (!response.isSuccessful())
throw new IOException("Unexpected code " + response);
Headers responseHeaders = response.headers();
for (int i = 0; i < responseHeaders.size(); i++) {
System.out.println(responseHeaders.name(i) + ": " + responseHeaders.value(i));
}
System.out.println(response.body().string());
}
//试试看
public static void main(String... args) throws Exception {
//sslcode 为空,则忽略证书
String sslcode ="-----BEGIN CERTIFICATE-----\n MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT\n MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i\n YWwgQ0EwHhcNMDIwNTIxMDQwMDAwWhcNMjIwNTIxMDQwMDAwWjBCMQswCQYDVQQG\n EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMSR2VvVHJ1c3Qg\n R2xvYmFsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2swYYzD9\n 9BcjGlZ+W988bDjkcbd4kdS8odhM+KhDtgPpTSEHCIjaWC9mOSm9BXiLnTjoBbdq\n fnGk5sRgprDvgOSJKA+eJdbtg/OtppHHmMlCGDUUna2YRpIuT8rxh0PBFpVXLVDv\n iS2Aelet8u5fa9IAjbkU+BQVNdnARqN7csiRv8lVK83Qlz6cJmTM386DGXHKTubU\n 1XupGc1V3sjs0l44U+VcT4wt/lAjNvxm5suOpDkZALeVAjmRCw7+OC7RHQWa9k0+\n bw8HHa8sHo9gOeL6NlMTOdReJivbPagUvTLrGAMoUgRx5aszPeE4uwc2hGKceeoW\n MPRfwCvocWvk+QIDAQABo1MwUTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTA\n ephojYn7qwVkDBF9qn1luMrMTjAfBgNVHSMEGDAWgBTAephojYn7qwVkDBF9qn1l\n uMrMTjANBgkqhkiG9w0BAQUFAAOCAQEANeMpauUvXVSOKVCUn5kaFOSPeCpilKIn\n Z57QzxpeR+nBsqTP3UEaBU6bS+5Kb1VSsyShNwrrZHYqLizz/Tt1kL/6cdjHPTfS\n tQWVYrmm3ok9Nns4d0iXrKYgjy6myQzCsplFAMfOEVEiIuCl6rYVSAlk6l5PdPcF\n PseKUgzbFbS9bZvlxrFUaKnjaZC2mqUPuLk/IH2uSrW4nOQdtqvmlKXBx4Ot2/Un\n hw4EbNX/3aBd7YdStysVAq45pmp06drE57xNNB6pXE0zX5IJL4hmXXeXxx12E6nV\n 5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvmMw==\n -----END CERTIFICATE-----\n ";
new ToolHttps(sslcode).run();
}
}
相关推荐
Android OkHttp 3.0 忽略 HTTPS 证书的方法 一、HTTPS 证书简介 HTTPS 证书是用于确保网络通信安全的一种数字证书。它可以验证服务器的身份,确保客户端和服务器之间的通信安全。 HTTPS 证书可以分为两种:一种是...
生成HTTPS证书的过程通常包括以下步骤: 1. **生成RSA密钥对**:使用OpenSSL工具,我们可以运行`openssl genrsa -out server.key 2048`来生成一个2048位的RSA私钥。这个私钥应妥善保管,不要泄露。 2. **创建CSR...
配置Jetty9服务器使用HTTPS证书的过程涉及多个步骤,包括申请证书、转换证书格式、以及配置Jetty服务器本身。以下详细描述这些步骤。 首先,申请证书部分通常需要借助第三方服务商,如阿里云、腾讯云等,这些服务商...
HTTPS证书是互联网安全通信的重要组成部分,它通过加密技术保护数据传输,确保用户与服务器之间的通信不被第三方窃取或篡改。在PostMan这样的API测试工具中,导入HTTPS证书是进行安全接口测试的关键步骤。 PostMan...
为了绕过HTTPS证书校验,我们需要自定义`SSLContext`和`TrustManager`。`SSLContext`是SSL/TLS安全套接层的核心,它负责管理和初始化SSL会话。`TrustManager`是负责验证服务器证书的接口。在默认情况下,`httpclient...
**win-acme 网站HTTPS证书免费申请工具** win-acme是一款专为Windows环境设计的免费工具,它使得在IIS(Internet Information Services)服务器上配置HTTPS证书变得轻松快捷。该工具支持ACME(Automatic ...
标题“界面化实现https证书生成和nginx配置”指的是一个通过Java程序实现的工具,它能够帮助用户方便地生成HTTPS证书,并自动配置Nginx服务器以启用HTTPS服务。这个工具简化了通常涉及命令行操作的SSL/TLS证书创建...
本教程将详细介绍如何在 WAS 9 或 WAS 8 上配置 HTTPS 证书,以实现安全的 HTTPS 访问。 首先,我们需要创建一个经过证书颁发机构 (CA) 认证的密钥库文件。这通常涉及到以下几个步骤: 1. 使用 Java 提供的 `...
标题中的“win-acme.v2.1.13.978.x64”是一款名为win-acme的软件,这是一款专为Windows平台设计的免费HTTPS证书自动化管理工具。其版本号v2.1.13.978表明这是该软件的某个更新版本,x64则表示它适用于64位操作系统。...
本资源提供的是在Windows环境下使用openssl和keytool这两个工具来生成HTTPS证书的详细教程。下面将详细介绍这两个工具以及如何使用它们生成证书。 1. **openssl** OpenSSL是一款开源的SSL/TLS库,它包含了一系列...
根据提供的文件信息,我们可以整理出有关HTTPS证书制作与配置的关键知识点。下面将详细介绍这些知识点,以便更好地理解HTTPS证书的工作原理及其在实际应用中的配置过程。 ### HTTPS证书制作及配置全记录 #### 一、...
HTTPS证书是互联网安全通信的重要工具,它通过加密技术保护数据传输过程中的隐私和完整性,确保用户与服务器之间的交互不会被第三方窃取或篡改。在本压缩包中,包含了适用于Nginx和Tomcat服务器的HTTPS证书配置文件...
在IT行业中,尤其是在Web开发领域,安全通信是至关重要的,HTTPS证书扮演了核心角色。标题提到的"linux-用于快速为本地开发环境生成HTTPS证书的一组脚本",旨在帮助开发者在自己的本地环境中轻松创建安全的HTTPS连接...
生成本地泛域名HTTPS证书主要是为了在开发和测试环境中模拟真实环境,方便开发者进行网站的安全配置和调试工作。 一、什么是泛域名证书 泛域名证书是一种特殊的SSL证书,它允许在一个证书中包含一个主域名及其所有...
burp https证书与关闭HSTS正确姿势,决定干货,希望大家喜欢。
跳过HTTPS证书java SSLContext ctx = SSLContext.getInstance("TLS"); X509TrustManager tm = new X509TrustManager() { public X509Certificate[] getAcceptedIssuers() { return null; } public void ...
本篇文章将详细阐述如何为Tomcat配置HTTPS证书,确保你的Web应用程序能够安全地与用户进行交互。 首先,我们需要理解HTTPS的基本原理。HTTPS是HTTP(超文本传输协议)与SSL/TLS(安全套接层/传输层安全)的结合,...
这款工具是由Telerik公司开发的,支持Windows操作系统,并且通过一些特定设置,也能在苹果手机(iOS)中使用其HTTPS证书。 在iOS设备上使用Fiddler4,首先需要安装Fiddler证书以解密HTTPS流量。这是因为iOS设备默认...
原文链接:https://blog.csdn.net/m0_37814112/article/details/119391879?spm=1001.2014.3001.5501 说明:一键生产nginx https自签证书脚本,真实有效!