https httpclient 请求不绕过 证书
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.UnsupportedEncodingException;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Set;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.http.HttpResponse;
import org.apache.http.HttpStatus;
import org.apache.http.NameValuePair;
import org.apache.http.ParseException;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.HttpClient;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.conn.ssl.X509HostnameVerifier;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.params.BasicHttpParams;
import org.apache.http.params.HttpConnectionParams;
import org.apache.http.params.HttpParams;
import org.apache.http.protocol.HTTP;
import org.apache.http.util.EntityUtils;
import android.annotation.SuppressLint;
import android.content.Context;
import android.os.Bundle;
import android.os.Handler;
import android.os.Message;
import android.util.Log;
import com.management.oa.OaApplication;
import com.management.oa.common.ServiceError;
import com.management.oa.data.UserData;
import com.management.oa.data.json.QueryResultJson;
import com.management.oa.helper.JsonParser;
import com.management.oa.helper.PreferencesService;
import com.management.oa.utils.IsOneSessionUtil.MyHandler;
public class HttpsUtil {
public static final String IS_TRUSTED = "isTrusted";
private static final String SECURITY_CONNECTION_TYPE = "https";
public static final String HTTPS_FILE_NAME = "client_keystore.bks";
private static final String KEY_STORE_PASSWORD = "654321";
private static final String SSL_PROTOCAL = "TLS";
public static String mHostIp;
public static int mHostPort;
public static String mHostPath;
private static final int LOG_CMD_ID = 0;
private static final int mHttps_Time_Out = 50000;
/**
* URL有效性验�?
*/
private static boolean parseUrl( String strUrl ) {
boolean ret = false;
if ( strUrl != null ) {
URL url;
try {
url = new URL( strUrl );
mHostIp = url.getHost();
mHostPort = url.getPort();
ret = true;
}
catch ( MalformedURLException e ) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
return ret;
}
/**
* 用json上传和下载信�?
*/
public static void getNetInfoByPost( final Context context,
final String url, final String jsonStr, final String jsonType,
final Handler handler ) {
ThreadUtil.getTheadPool( true ).submit( new Runnable() {
@Override
public void run() {
try {
HttpResponse resp;
HttpPost httpPost;
if ( url.startsWith( SECURITY_CONNECTION_TYPE ) ) {
httpPost = makeHttpPost( url );
resp = makeHttpsClient( context, handler ).execute(
httpPost );
if ( resp != null ) {
log_to_view( "StatusCode : "
+ resp.getStatusLine().getStatusCode(),
handler );
log_to_view( "ReasonPhrase : "
+ resp.getStatusLine().getReasonPhrase(),
handler );
log_to_view(
"ProtocolVersion : "
+ resp.getStatusLine()
.getProtocolVersion(),
handler );
log_to_view( "Content : "
+ resp.getEntity().getContentType(),
handler );
log_to_view( "Content : "
+ resp.getEntity().getContentLength(),
handler );
String strResult = EntityUtils.toString( resp
.getEntity() );
log_to_view( "strResult : " + strResult, handler );
}
else {
log_to_view( "NULL", handler );
}
}
else {
httpPost = new HttpPost( url );
List<NameValuePair> pair = new ArrayList<NameValuePair>();
pair.add( new BasicNameValuePair( "type", jsonType ) );
pair.add( new BasicNameValuePair( "json", jsonStr ) );
httpPost.setEntity( new UrlEncodedFormEntity( pair,
"utf-8" ) );
resp = new DefaultHttpClient().execute( httpPost );
int statusCode = resp.getStatusLine().getStatusCode();
Message message = handler.obtainMessage();
message.what = statusCode;
if ( statusCode == HttpStatus.SC_OK ) {
String strResult = EntityUtils.toString( resp
.getEntity() );
message.obj = strResult;
}
handler.sendMessage( message );
}
}
catch ( Exception e ) {
log_to_view( "Exception:" + e.getMessage(), handler );
handler.sendEmptyMessage( NetUtil.NET_EXC_ERR );
}
}
} );
}
/**
* 获得测试post
*/
private static HttpPost makeHttpPost( String url ) {
HttpPost httpPost = new HttpPost( url );
httpPost.setHeader( "test", "test" );
ArrayList<NameValuePair> loginInfo = new ArrayList<NameValuePair>();
loginInfo.add( new BasicNameValuePair( "name", "peter" ) );
try {
httpPost.setEntity( new UrlEncodedFormEntity( loginInfo ) );
}
catch ( UnsupportedEncodingException e ) {
// TODO Auto-generated catch block
e.printStackTrace();
}
HttpParams timeParams = new BasicHttpParams();
HttpConnectionParams.setConnectionTimeout( timeParams, mHttps_Time_Out );
HttpConnectionParams.setSoTimeout( timeParams, mHttps_Time_Out );
httpPost.setParams( timeParams );
return httpPost;
}
/**
* 获得https client
*/
private static HttpClient makeHttpsClient( Context context, Handler mHandler ) {
try {
KeyStore trustStore = KeyStore.getInstance( KeyStore
.getDefaultType() );
trustStore.load( context.openFileInput( HTTPS_FILE_NAME ),
KEY_STORE_PASSWORD.toCharArray() );
SSLSocketFactory socketFactory = new SSLSocketFactory( trustStore );
socketFactory.setHostnameVerifier( new X509HostnameVerifier() {
public boolean verify( String host, SSLSession session ) {
return true;
}
public void verify( String host, SSLSocket ssl )
throws IOException {
}
public void verify( String host, X509Certificate cert )
throws SSLException {
}
public void verify( String host, String[] cns,
String[] subjectAlts ) throws SSLException {
}
} );
Scheme sch = new Scheme( SECURITY_CONNECTION_TYPE, socketFactory,
mHostPort );
HttpClient httpClient = new DefaultHttpClient();
httpClient.getConnectionManager().getSchemeRegistry()
.register( sch );
return httpClient;
}
catch ( KeyStoreException e ) {
log_to_view( e.getMessage(), mHandler );
}
catch ( NoSuchAlgorithmException e ) {
log_to_view( e.getMessage(), mHandler );
}
catch ( CertificateException e ) {
log_to_view( e.getMessage(), mHandler );
}
catch ( KeyManagementException e ) {
log_to_view( e.getMessage(), mHandler );
}
catch ( UnrecoverableKeyException e ) {
log_to_view( e.getMessage(), mHandler );
}
catch ( IOException e ) {
log_to_view( e.getMessage(), mHandler );
}
return null;
}
@SuppressLint( "DefaultLocale" )
public static void getNetInfoByPost( final Context context,
final String strUrl, final HashMap<String, String> postInfo,
final Handler handler, final String jsonInfo ) {
Log.e( "HttpUtil-post", postInfo.toString());
if ( !parseUrl( strUrl ) ) {
return;
}
ThreadUtil.getTheadPool( true ).submit( new Runnable() {
private PreferencesService mService;
private boolean mSecure;
private HttpPost mHttpPost;
private HttpParams mHttpParameters;
private DefaultHttpClient mHttpClient;
private void makeHttpPost() {
mHttpParameters = new BasicHttpParams();
mHttpPost = new HttpPost( strUrl );
if ( mSecure ) {
mService = PreferencesService.getInstance( context );
boolean isTrusted = mService.getBoolean( IS_TRUSTED, false );
if ( !isTrusted ) {
HttpsUtil.installCert( context, handler, mService );
}
// 设置超时时间
HttpConnectionParams.setConnectionTimeout( mHttpParameters,
mHttps_Time_Out );
HttpConnectionParams.setSoTimeout( mHttpParameters,
mHttps_Time_Out );
}
else {
// 设置超时时间
HttpConnectionParams.setConnectionTimeout( mHttpParameters,
NetUtil.CONNECT_TIMEOUT );
HttpConnectionParams.setSoTimeout( mHttpParameters, 30000 );
}
mHttpPost.setParams( mHttpParameters );
mHttpPost.addHeader( "Cookie", postInfo.remove( "Cookie" ) );
}
private void makeHttpsClient() {
try {
KeyStore trustStore = KeyStore.getInstance( KeyStore
.getDefaultType() );
trustStore.load( context.openFileInput( HTTPS_FILE_NAME ),
KEY_STORE_PASSWORD.toCharArray() );
SSLSocketFactory socketFactory = new SSLSocketFactory(
trustStore );
socketFactory
.setHostnameVerifier( new X509HostnameVerifier() {
public boolean verify( String host,
SSLSession session ) {
return true;
}
public void verify( String host, SSLSocket ssl )
throws IOException {
}
public void verify( String host,
X509Certificate cert )
throws SSLException {
}
public void verify( String host, String[] cns,
String[] subjectAlts )
throws SSLException {
}
} );
Scheme sch = new Scheme( SECURITY_CONNECTION_TYPE,
socketFactory, mHostPort );
mHttpClient = new DefaultHttpClient();
mHttpClient.getConnectionManager().getSchemeRegistry()
.register( sch );
return;
}
catch ( KeyStoreException e ) {
log_to_view( e.getMessage(), handler );
}
catch ( NoSuchAlgorithmException e ) {
log_to_view( e.getMessage(), handler );
}
catch ( CertificateException e ) {
log_to_view( e.getMessage(), handler );
}
catch ( KeyManagementException e ) {
log_to_view( e.getMessage(), handler );
}
catch ( UnrecoverableKeyException e ) {
log_to_view( e.getMessage(), handler );
}
catch ( IOException e ) {
log_to_view( e.getMessage(), handler );
}
mHttpClient = null;
}
private void makeHttpClient() {
if ( mSecure ) {
makeHttpsClient();
}
else {
mHttpClient = new DefaultHttpClient( mHttpParameters );
}
}
@Override
public void run() {
try {
URL url = new URL( strUrl );
mSecure = url.getProtocol().toLowerCase()
.equals( SECURITY_CONNECTION_TYPE );
makeHttpPost();
makeHttpClient();
List<NameValuePair> nvps = new ArrayList<NameValuePair>();
HttpResponse response = null;
if ( postInfo != null && jsonInfo == null ) {
Set<String> keys = postInfo.keySet();
for ( String key : keys ) {
nvps.add( new BasicNameValuePair( key, postInfo
.get( key ) ) );
}
UrlEncodedFormEntity urlEntity = new UrlEncodedFormEntity(
nvps, HTTP.UTF_8 );
mHttpPost.setEntity( urlEntity );
}
else if ( jsonInfo != null ) {
StringEntity entity = new StringEntity( jsonInfo,
HTTP.UTF_8 );
mHttpPost.setEntity( entity );
}
// mHttpPost.set
response = mHttpClient.execute( mHttpPost );
int statusCode = response.getStatusLine().getStatusCode();
Log.i( "httpsUtil", "statusCode =" + statusCode );
Message message = handler.obtainMessage();
if ( statusCode == HttpStatus.SC_OK
|| statusCode == NetUtil.NET_QUERY_SUCC ) {
String backStr = EntityUtils.toString( response
.getEntity() );
message.obj = backStr;
// Log.e("message.obj" , backStr );
}
if ( handler instanceof MyHandler ) {
// 保存用户信息
String ret = ( String ) message.obj;
if ( ret != null && ret.length() > 0 ) {
QueryResultJson result = JsonParser
.parseQueryResultJson( ret );
if ( result != null ) {
if ( result.retcode == ServiceError.ERR_NONE ) {
if ( result.retdata != null ) {
PrefInfoUtils.saveLoginInfo(
OaApplication.getmContext(),
result.retdata.toString() );
UserData.getInstance()
.setLoginData(
PrefInfoUtils
.getLoginInfo( OaApplication
.getmContext() ) );
}
}
}
}
}
message.what = statusCode;
handler.sendMessage( message );
}
catch ( MalformedURLException e ) {
handler.sendEmptyMessage( NetUtil.NET_ERR );
}
catch ( UnsupportedEncodingException e ) {
handler.sendEmptyMessage( NetUtil.NET_ERR );
}
catch ( ClientProtocolException e ) {
handler.sendEmptyMessage( NetUtil.NET_ERR );
}
catch ( ParseException e ) {
handler.sendEmptyMessage( NetUtil.NET_ERR );
}
catch ( IOException e ) {
handler.sendEmptyMessage( NetUtil.NET_REQUEST_TIME_OUT );
}
catch ( Exception e ) {
Log.e( "httputil--post", "err" );
e.printStackTrace();
}
}
} );
}
/**
* 安装证书
*/
public static void installCert( Context context, Handler mHandler,
PreferencesService preferences ) {
boolean istrusted = false;
try {
InputStream iStream = context.openFileInput( HTTPS_FILE_NAME );
KeyStore ks = KeyStore.getInstance( KeyStore.getDefaultType() );
ks.load( iStream, KEY_STORE_PASSWORD.toCharArray() );
iStream.close();
SSLContext sslContext = SSLContext.getInstance( SSL_PROTOCAL );
TrustManagerFactory tmf = TrustManagerFactory
.getInstance( TrustManagerFactory.getDefaultAlgorithm() );
tmf.init( ks );
X509TrustManager defaultTrustManager = ( X509TrustManager ) tmf
.getTrustManagers()[0];
SavingTrustManager tm = new SavingTrustManager( defaultTrustManager );
sslContext.init( null, new TrustManager[] { tm }, null );
javax.net.ssl.SSLSocketFactory factory = sslContext
.getSocketFactory();
try {
SSLSocket socket = ( SSLSocket ) factory.createSocket( mHostIp,
mHostPort );
socket.setSoTimeout( mHttps_Time_Out );
socket.startHandshake();
socket.close();
istrusted = true;
}
catch ( SSLException e ) {
log_to_view( e.getMessage(), mHandler );
istrusted = false;
}
if ( !istrusted ) {
X509Certificate[] chain = tm.chain;
if ( chain == null ) {
return;
}
ks.setCertificateEntry( mHostIp + "_" + 0, chain[0] );
// 如果想更改新密码,这个passwd替换成新密码即可
ks.store( context.openFileOutput( HTTPS_FILE_NAME,
Context.MODE_PRIVATE ), KEY_STORE_PASSWORD
.toCharArray() );
istrusted = true;
}
}
catch ( FileNotFoundException e ) {
log_to_view( e.getMessage(), mHandler );
}
catch ( NoSuchAlgorithmException e ) {
log_to_view( e.getMessage(), mHandler );
}
catch ( CertificateException e ) {
log_to_view( e.getMessage(), mHandler );
}
catch ( IOException e ) {
log_to_view( e.getMessage(), mHandler );
}
catch ( KeyStoreException e ) {
log_to_view( e.getMessage(), mHandler );
}
catch ( KeyManagementException e ) {
log_to_view( e.getMessage(), mHandler );
}
finally {
preferences.putBoolean( IS_TRUSTED, istrusted );
}
}
/**
* 保存管理�?
*/
private static class SavingTrustManager implements X509TrustManager {
private final X509TrustManager tm;
private X509Certificate[] chain;
SavingTrustManager( X509TrustManager tm ) {
this.tm = tm;
}
public X509Certificate[] getAcceptedIssuers() {
throw new UnsupportedOperationException();
}
public void checkClientTrusted( X509Certificate[] chain, String authType )
throws CertificateException {
throw new UnsupportedOperationException();
}
public void checkServerTrusted( X509Certificate[] chain, String authType )
throws CertificateException {
this.chain = chain;
tm.checkServerTrusted( chain, authType );
}
}
/**
* 导出日志
*/
private static void log_to_view( String logs, Handler mHandler ) {
Bundle b = new Bundle();
b.putString( "log", logs );
Message m = Message.obtain( mHandler, LOG_CMD_ID );
m.setData( b );
m.sendToTarget();
}
/**
* 流拷�?
*/
public static void copyStream( InputStream iStream, OutputStream oStream )
throws Exception {
byte[] buff = new byte[1024];
int len = iStream.read( buff );
while ( len != -1 ) {
oStream.write( buff, 0, len );
len = iStream.read( buff );
}
}
}
捐助开发者
在兴趣的驱动下,写一个免费的东西,有欣喜,也还有汗水,希望你喜欢我的作品,同时也能支持一下。 当然,有钱捧个钱场(支持支付宝和微信 以及扣扣群),没钱捧个人场,谢谢各位。
个人主页:http://knight-black-bob.iteye.com/
谢谢您的赞助,我会做的更好!
相关推荐
HTTPClient 4.5中提供了这样的功能,可以让我们自定义SSL上下文,从而绕过默认的证书验证。以下是如何操作的步骤: 1. **创建自定义的X509TrustManager**:这个类负责验证服务器证书。我们可以创建一个信任所有证书...
下面是如何在Java中实现HTTPS请求并跳过证书验证: 1. 创建一个TrustManager,它总是信任所有证书,不进行任何验证: ```java TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { ...
总之,`httpclient`库提供了绕过HTTPS证书校验的能力,这在特定场景下很有用。然而,这种做法应该谨慎使用,并且只限于测试和非生产环境,因为这会削弱原本的加密保护,使数据易受攻击。在实际应用中,应确保使用...
通过创建自定义的SSLContext和HostnameVerifier,我们可以轻松地绕过SSL校验,从而简化接口调用流程。然而,这必须谨慎使用,避免在生产环境中引入安全风险。在apitest文件中,你可以找到包含HttpClient工具类代码,...
但在开发或测试环境中,我们可能需要绕过这一环节。以下是如何配置HttpClient忽略SSL验证: 1. 创建自定义的`SSLSocketFactory`: 首先,创建一个不检查主机名的`SSLContext`: ```java SSLContext sslContext =...
在开发和测试环境中,我们可能需要绕过这个检查,以接受任何证书,这就涉及到HttpClient的SSLContext和TrustManager的配置。 以下是一个示例代码,展示了如何配置HttpClient以自动接受所有https证书: ```java ...
以上就是解决Java中HTTPS请求证书问题的详细步骤,以及如何使用httpUtils(以Apache HttpClient为例)进行HTTPS请求。通过这些方法,你可以确保与不信任证书的服务器安全通信。记住,处理证书时务必小心,避免引入...
但在开发环境中,为了快速测试,我们可能希望绕过这些认证。本文将详细介绍如何使用Java和HttpClient来模拟HTTPS文件上传,并跳过SSL验证。 首先,我们需要导入必要的依赖。如果你使用的是Maven项目,可以在pom.xml...
- **安全性问题**:绕过证书验证虽然简化了开发流程,但在生产环境中可能导致安全风险。建议使用有效的证书验证机制。 - **编码问题**:确保参数编码为UTF-8,以避免字符编码错误。 - **异常处理**:适当处理可能抛...
在这个过程中,我们创建了一个自定义的SSLClient类,绕过了证书验证,然后编写了PostRequestSender类,用于发送POST请求并处理响应。这两个类的结合使得在Java程序中调用HTTPS接口变得更加简单。
这样一来,即便目标服务器使用的是自签名的证书,也可以将这些证书直接传递给HttpClient,从而绕过证书验证的常规流程。 文章中提供的代码示例显示了如何实现上述两种方法。首先,创建了一个HttpClientHandler实例...
描述中提到的“可以通过躲避证书,绕过加密算法来获取数据”,这指的是安全漏洞或恶意攻击者可能利用的手段,如中间人攻击或者信任不当的自签名证书。 HttpClient 4.2.5在处理HTTPS连接时,提供了证书管理的灵活性...
然而,在某些开发或测试环境中,可能需要绕过证书校验,例如在自签名证书的本地服务器上。Java提供了一种机制,通过自定义`SSLContext`来实现这一目的。以下是一个实例代码,展示了如何创建一个不进行证书校验的`SSL...
SSL跳过证书 java ctx.init(null, new TrustManager[] { tm }, new java.security.SecureRandom()); // SSLConnectionSocketFactory ssf = new SSLConnectionSocketFactory( // ctx, NoopHostnameVerifier.INSTANCE)...
为了调试或测试目的,开发者可能需要绕过默认的证书验证机制,例如在使用自签名证书的服务器上。这时,可以通过创建自定义的TrustManager并设置到HttpsURLConnection中,以接受特定的证书。但这仅限于测试环境,因为...
1. 绕过证书验证实现HTTPS: ```java SchemeRegistry schemeRegistry = new SchemeRegistry(); schemeRegistry.register(new Scheme("https", PlainSocketFactory.getSocketFactory(), 443)); ...
对于示例代码,可能使用`NoopHostnameVerifier`来绕过SSL验证,但这在生产环境中应谨慎使用,因为它可能带来安全风险。 然后,我们可以创建`CloseableHttpClient`实例,并使用`execute(HttpUriRequest request)`...
在IT行业中,网络通信是应用程序的核心部分,而HTTP和HTTPS协议是互联网上最常用的通信...通过实践和分析这个代码,开发者可以增强自己在处理HTTP和HTTPS连接方面的能力,同时理解如何在特定情况下安全地绕过证书验证。
一个更好的解决方案是通过重写SSLContextBuilder类,强制置空KeyManagers和TrustManagers中的私有值,从而绕过Java默认的算法限制。 超时时间设置不生效是使用httpclient的另一个常见问题。开发者在设置超时参数时...
Xamarin证书固定绕过 这是一个小的Frida脚本,可以绕过基于Mono的证书固定。 该存储库包括一个带有源的示例应用程序和一个用于快速测试的预构建APK。 功能齐全的脚本也可在dist/获得,以快速使用 注意: Frida需要...