生成Web自签名的证书(在命令行执行以下命令)

keytool -genkey -keysize 2048 -validity 3650 -keyalg RSA -dname "CN=Hanshow, OU=Hanshow, O=Hanshow, L=Jiaxing, ST=Zhejiang, C=CN" -alias shopweb -keypass password_of_key -storepass password_of_store -keystore shopweb.jks

-keysize 2048 指定生成2048位的密钥

-validity 3650 指定证书有效期天数(3650=10年)

-keyalg RSA 指定用RSA算法生成密钥

-dname 设置签发者的信息

-alias 设置别名

-keypass 设定访问key的password

-storepass 设定访问这个KeyStore的password

web.jks指定生成的KeyStore文件名叫web.jks

  • 把生成的web.jks存放到classpath路径中。
  • 以下代码依赖Jackson JSON,OkHttp3,Apache XML-RPC Client。
  • 以下的实现全部是基于trustAll,即信任任何服务器

基础SSL工具类SSLUtils

import javax.net.ssl.HostnameVerifier;

import javax.net.ssl.KeyManagerFactory;

import javax.net.ssl.SSLContext;

import javax.net.ssl.SSLSocketFactory;

import javax.net.ssl.TrustManager;

import javax.net.ssl.X509TrustManager;

import java.io.FileNotFoundException;

import java.io.InputStream;

import java.security.KeyStore;

import java.security.SecureRandom;

import java.security.cert.X509Certificate;

public class SSLUtils {

    public static KeyStore loadKeyStore(String type, String fileName, String password) throws Exception {

        try (InputStream input = SSLUtils.class.getClassLoader().getResourceAsStream(fileName)) {

            if (input == null) {

                throw new FileNotFoundException(String.format("cannot find KeyStore file \"%s\" in classpath",

                        fileName));

            }

            KeyStore ks = KeyStore.getInstance(type);

            ks.load(input, password.toCharArray());

            return ks;

        }

    }

    /**

     * 创建SSLSocketFactory

     *

     * @param protocol         SSL协议,默认:TLS

     * @param algorithm        KeyManager算法,默认:SunX509

     * @param provider         KeyManager提供者,默认:SunJSSE

     * @param keyPassword      Key password

     * @param keyStoreType     KeyStore类型,默认:JKS

     * @param keyStoreFileName KeyStore文件名,应在classpath中能找到。

     * @param storePassword    KeyStore的password

     * @return SSLSocketFactory实例

     * @throws Exception

     */

    public static SSLSocketFactory createSSLSocketFactory(String protocol, String algorithm, String provider, String keyPassword,

                                                          String keyStoreType, String keyStoreFileName, String storePassword) throws Exception {

        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(algorithm, provider);

        KeyStore keyStore = loadKeyStore(keyStoreType, keyStoreFileName, storePassword);

        keyManagerFactory.init(keyStore, keyPassword.toCharArray());

        TrustManager[] trustManagers = new TrustManager[]{

                new X509TrustManager() {

                    public X509Certificate[] getAcceptedIssuers() {

                        return new X509Certificate[0];

                    }

                    public void checkClientTrusted(X509Certificate[] certs, String authType) {

                        // Trust always

                    }

                    public void checkServerTrusted(X509Certificate[] certs, String authType) {

                        // Trust always

                    }

                }

        };

        SSLContext sslContext = SSLContext.getInstance(protocol);

        sslContext.init(keyManagerFactory.getKeyManagers(), trustManagers,

                new SecureRandom());

        return sslContext.getSocketFactory();

    }

    public static SSLSocketFactory createSSLSocketFactory(String keyPassword, String keyStoreFileName, String storePassword) throws Exception {

        return createSSLSocketFactory("TLS", "SunX509", "SunJSSE", keyPassword,

                "JKS", keyStoreFileName, storePassword);

    }

    public static HostnameVerifier createHostnameVerifier() {

        return (hostname, session) -> true;

    }

}

  XML-RPC Client

import com.fasterxml.jackson.databind.ObjectMapper;

import org.apache.xmlrpc.client.XmlRpcClient;

import org.apache.xmlrpc.client.XmlRpcClientConfigImpl;

import javax.net.ssl.HttpsURLConnection;

import javax.net.ssl.SSLSocketFactory;

import java.net.URL;

public class DemoXmlRpcClient {

    private static boolean SSLContextInitialized = false;

    private URL url;

    private XmlRpcClient xmlRpcClient;

    public DemoXmlRpcClient(URL url) {

        this.url = url;

        if ("https".equalsIgnoreCase(url.getProtocol())) {

            initSSLContext();

        }

        XmlRpcClientConfigImpl rpcConfig = new XmlRpcClientConfigImpl();

        rpcConfig.setServerURL(this.url);

        // 设置RPC连接超时时间为60秒

        rpcConfig.setConnectionTimeout(60 * 1000);

        // 设置RPC等待响应时间为60秒

        rpcConfig.setReplyTimeout(60 * 1000);

        this.xmlRpcClient = new XmlRpcClient();

        this.xmlRpcClient.setConfig(rpcConfig);

    }

    private synchronized void initSSLContext() {

        if (!SSLContextInitialized) { // 只需要初始化一次

            try {

                SSLSocketFactory sslSocketFactory = SSLUtils.createSSLSocketFactory(

                        "password_of_key", "shopweb.jks", "password_of_store");

                HttpsURLConnection.setDefaultSSLSocketFactory(sslSocketFactory);

                HttpsURLConnection.setDefaultHostnameVerifier((hostname, session) -> true);

            } catch (Throwable t) {

                throw new RuntimeException("initialize SSLContext for XML-RPC error", t);

            }

            SSLContextInitialized = true;

        }

    }

    public Object execute(String command, Object[] params) throws Exception {

        return xmlRpcClient.execute(command, params);

    }

    public URL getUrl() {

        return url;

    }

    public static void main(String[] args) throws Exception {

        ObjectMapper objectMapper = new ObjectMapper();

        Object response;

        // 测试通过HTTPS向ESL-Working发送XML-RPC请求

        DemoXmlRpcClient sslClient = new DemoXmlRpcClient(new URL("https://127.0.0.1:9443/RPC2"));

        response = sslClient.execute("send_cmd", new Object[]{"API_VERSION", new Object[]{}});

        System.out.println(objectMapper.writeValueAsString(response));

        // 测试通过HTTP向ESL-Working发送XML-RPC请求

        DemoXmlRpcClient normalClient = new DemoXmlRpcClient(new URL("http://127.0.0.1:9000/RPC2"));

        response = normalClient.execute("send_cmd", new Object[]{"API_VERSION", new Object[]{}});

        System.out.println(objectMapper.writeValueAsString(response));

    }

}

HTTP Client

import com.fasterxml.jackson.databind.ObjectMapper;

import okhttp3.MediaType;

import okhttp3.OkHttpClient;

import okhttp3.Request;

import okhttp3.RequestBody;

import okhttp3.Response;

import okhttp3.ResponseBody;

import okhttp3.internal.platform.Platform;

import javax.net.ssl.SSLSocketFactory;

import javax.net.ssl.X509TrustManager;

import java.io.IOException;

import java.net.URL;

import java.util.concurrent.TimeUnit;

public class DemoHttpClient {

    private final static String JSON_MEDIA_TYPE_PATTERN = "application/json; charset=%s";

    private final static String DEFAULT_CHARSET = "utf-8";

    private final static String DEFAULT_CONTENT_TYPE = String.format(JSON_MEDIA_TYPE_PATTERN, DEFAULT_CHARSET);

    private final static ObjectMapper objectMapper = new ObjectMapper();

    private OkHttpClient httpClient;

    private OkHttpClient httpsClient;

    public DemoHttpClient(String keyPassword, String fileName, String storePassword) throws Exception {

        httpClient = new OkHttpClient.Builder()

                .readTimeout(60, TimeUnit.SECONDS)

                .connectTimeout(60, TimeUnit.SECONDS)

                .writeTimeout(60, TimeUnit.SECONDS).build();

        SSLSocketFactory sslSocketFactory = SSLUtils.createSSLSocketFactory(keyPassword, fileName, storePassword);

        X509TrustManager x509TrustManager = Platform.get().trustManager(sslSocketFactory);

        httpsClient = new OkHttpClient.Builder()

                .readTimeout(60, TimeUnit.SECONDS)

                .connectTimeout(60, TimeUnit.SECONDS)

                .writeTimeout(60, TimeUnit.SECONDS)

                .sslSocketFactory(sslSocketFactory, x509TrustManager)

                .hostnameVerifier(SSLUtils.createHostnameVerifier())

                .build();

    }

    public String get(String url) throws IOException {

        return get(new URL(url));

    }

    public String get(URL url) throws IOException {

        return httpRequest(url, "GET", DEFAULT_CONTENT_TYPE, null);

    }

    public String post(String url, Object data) throws IOException {

        return post(new URL(url), data);

    }

    public String post(URL url, Object object) throws IOException {

        byte[] data = objectMapper.writeValueAsString(object).getBytes(DEFAULT_CHARSET);

        return httpRequest(url, "POST", DEFAULT_CONTENT_TYPE, data);

    }

    public String put(String url, Object data) throws IOException {

        return put(new URL(url), data);

    }

    public String put(URL url, Object object) throws IOException {

        byte[] data = objectMapper.writeValueAsString(object).getBytes(DEFAULT_CHARSET);

        return httpRequest(url, "PUT", DEFAULT_CONTENT_TYPE, data);

    }

    public String httpRequest(URL url, String method, String contentType, byte[] data) throws IOException {

        OkHttpClient client;

        String protocol = url.getProtocol();

        if ("http".equalsIgnoreCase(protocol)) {

            client = httpClient;

        } else if ("https".equalsIgnoreCase(protocol)) {

            client = httpsClient;

        } else {

            throw new UnsupportedOperationException("unsupported protocol: " + protocol);

        }

        Request.Builder builder = new Request.Builder().url(url);

        MediaType mediaType = MediaType.parse(contentType);

        if ("GET".equalsIgnoreCase(method)) {

            builder.get();

        } else {

            RequestBody requestBody = RequestBody.create(mediaType, data == null ? new byte[0] : data);

            builder.method(method, requestBody);

        }

        Request request = builder.build();

        try (Response response = client.newCall(request).execute()) {

            if (response.isSuccessful()) {

                ResponseBody responseBody = response.body();

                return responseBody == null ? null : responseBody.string();

            } else {

                throw new IOException(String.format(

                        "%s/%s %s got unexpected response code %d",

                        protocol.toUpperCase(), method, url, response.code()));

            }

        }

    }

    public static void main(String[] args) throws Exception {

        DemoHttpClient httpClient = new DemoHttpClient("password_of_key", "shopweb.jks", "password_of_store");

        // 通过HTTP访问ESL-Working RESTful接口

        System.out.println(httpClient.get("http://127.0.0.1:9000/api2/runinfo"));

        // 通过HTTPS访问ESL-Working RESTful接口

        System.out.println(httpClient.get("https://127.0.0.1:9443/api2/runinfo"));

    }

}

  

Web支持HTTPS的client(HTTP&XML-RPC)的更多相关文章

  1. Web API应用支持HTTPS的经验总结

    在我前面介绍的WebAPI文章里面,介绍了WebAPI的架构设计方面的内容,其中提出了现在流行的WebAPI优先的路线,这种也是我们开发多应用(APP.微信.微网站.商城.以及Winform等方面的整 ...

  2. 实现KbmMw web server 支持https

    在以前的文章里面介绍过kbmmw 做web server. 前几天红鱼儿非要我给他做一个支持https 的web server. 其实kbmmw 支持https 有好几种方法: 1. 使用isapi ...

  3. web开发必看:你的网站支持https吗?

    如果有一项技术可以让网站的访问速度更快.更安全.并且seo权重提升(百度除外),而且程序员不需要改代码就可以全站使用,最重要的是,不需要额外花钱,那有这么好的事情吗? HTTP通信协议是全球万维网ww ...

  4. 在iOS APP中使用H5显示百度地图时如何支持HTTPS?

    现象: 公司正在开发一个iOSAPP,使用h5显示百度地图,但是发现同样的H5页面,在安卓可以显示出来,在iOS中就显示不出来. 原因分析: 但是现在iOS开发中,苹果已经要求在APP中的所有对外连接 ...

  5. iOS支持Https

    http://oncenote.com/2014/10/21/Security-1-HTTPS/?hmsr=toutiao.io&utm_medium=toutiao.io&utm_s ...

  6. 【ASP.NET Web API教程】6.2 ASP.NET Web API中的JSON和XML序列化

    谨以此文感谢关注此系列文章的园友!前段时间本以为此系列文章已没多少人关注,而不打算继续下去了.因为文章贴出来之后,看的人似乎不多,也很少有人对这些文章发表评论,而且几乎无人给予“推荐”.但前几天有人询 ...

  7. https大势已来?看腾讯专家如何在高并发压测中支持https

    WeTest 导读 用epoll编写一个高并发网络程序是很常见的任务,但在epoll中加入ssl层的支持则是一个不常见的场景.腾讯WeTest服务器压力测产品,在用户反馈中收到了不少支持https协议 ...

  8. 支持https的压力测试工具

    支持https的压力测试工具 测试了linux下的几种压力测试工具,发现有些不支持https,先简单总结如下: 一.apache的ab工具 /home/webadm/bin/ab -c 50 -n 1 ...

  9. Retrofit 2.0 超能实践(一),okHttp完美支持Https传输

    http: //blog.csdn.net/sk719887916/article/details/51597816 Tamic首发 前阵子看到圈子里Retrofit 2.0,RxJava(Andro ...

随机推荐

  1. Java生鲜电商平台-高并发的设计与架构

    Java生鲜电商平台-高并发的设计与架构 说明:源码下载Java开源生鲜电商平台以及高并发的设计与架构文档 对于高并发的场景来说,比如电商类,o2o,门户,等等互联网类的项目,缓存技术是Java项目中 ...

  2. Java自学-集合框架 List接口

    ArrayList与List接口 步骤 1 : ArrayList和List ArrayList实现了接口List 常见的写法会把引用声明为接口List类型 注意:是java.util.List,而不 ...

  3. 基于Proxy的小程序状态管理

    摘要: 小程序状态管理. 作者:wwayne 原文:基于Proxy的小程序状态管理 Fundebug经授权转载,版权归原作者所有. 微信小程序的市场在进一步的扩大,而背后的技术社区仍在摸索着最好的实践 ...

  4. iOS开发之--iPhone X 适配:MJRefresh上拉加载适配

    问题如下图: 出现原因,phoneX系列手机下方多了34像素的工作区域,所以需要对x全系列手机坐下适配, 解决如下: self.tableView.mj_footer.ignoredScrollVie ...

  5. vue---v-model的详细解答

    1.v-model:双向数据绑定的实现原理     等同于一个  v-bind  加   v-on <div id="app"> <!-- <input t ...

  6. jmeter5.1分布式压测

    在使用jmeter压测过程中,可能会度遇到内存溢出的错误,这是为什么呢?因为jmeter是java写的应用,java应用jvm堆内存heap受负载机硬件限制,虽然我们可以调整堆内存大小,但是单机无法支 ...

  7. Mac Kafka 环境搭建

    1.安装java 注意:kafka 截止发稿日兼容最高版本为1.8 千万不要安装 更高版本 ,我就是安装了12的发现不支持卸载了重装的

  8. BIO/NIO/AIO的区分(十四)

    BIO:同步阻塞IO(平常说的IO指的是BIO)NIO:同步非阻塞IOAIO:异步非阻塞IO io操作分为两部分,发起io请求,和io数据读写. 阻塞.非阻塞主要是针对线程发起io请求后,是否立即返回 ...

  9. TYVJ1071 LCIS 线性DP+决策集优化

    问题描述 TYVJ1071 题解 暴力\(\mathrm{DP}\) 首先,一个\(O(n^3)\)的解法: 设\(opt_{i,j}\)代表\(a\)的前\(i\)个和\(b\)的前\(j\)个的\ ...

  10. 读架构漫谈&我眼中的架构师

    本周是开学的第二周,读了由资深架构师王概凯 Kevin 执笔的系列专栏架构漫谈.初识这门课,懂得也不是很多,读了架构漫谈,有了一些理解. 首先作者讲述了缘起,由早期人独立自主生活到后来的集群,作者由这 ...