关于httpclient 请求https (如何绕过证书验证)
第一种方法,适用于httpclient4.X 里边有get和post两种方法供你发送请求使用。导入证书发送请求的在这里就不说了,网上到处都是
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.UnsupportedEncodingException;
import java.net.HttpURLConnection;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.net.SocketAddress;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.net.URLConnection;
import java.net.URLEncoder;
import java.net.UnknownHostException;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.SocketFactory;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.conn.ClientConnectionManager;
import org.apache.http.conn.ConnectTimeoutException;
import org.apache.http.conn.scheme.HostNameResolver;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.scheme.SchemeRegistry;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.params.HttpConnectionParams;
import org.apache.http.protocol.HTTP;
import org.apache.http.util.EntityUtils;
/*
* author:haungxuebin
* 云南新接口
*
*/
public class HttpClientSendPost {
private static DefaultHttpClient client;
/**
* 访问https的网站
* @param httpclient
*/
private static void enableSSL(DefaultHttpClient httpclient){
//调用ssl
try {
SSLContext sslcontext = SSLContext.getInstance("TLS");
sslcontext.init(null, new TrustManager[] { truseAllManager }, null);
SSLSocketFactory sf = new SSLSocketFactory(sslcontext);
sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
Scheme https = new Scheme("https", sf, 443);
httpclient.getConnectionManager().getSchemeRegistry().register(https);
} catch (Exception e) {
e.printStackTrace();
}
}
/**
* 重写验证方法,取消检测ssl
*/
private static TrustManager truseAllManager = new X509TrustManager(){
public void checkClientTrusted(
java.security.cert.X509Certificate[] arg0, String arg1)
throws CertificateException {
// TODO Auto-generated method stub
}
public void checkServerTrusted(
java.security.cert.X509Certificate[] arg0, String arg1)
throws CertificateException {
// TODO Auto-generated method stub
}
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
// TODO Auto-generated method stub
return null;
}
};
/**
* HTTP Client Object,used HttpClient Class before(version 3.x),but now the
* HttpClient is an interface
*/
public static String sendXMLDataByGet(String url,String xml){
// 创建HttpClient实例
if (client == null) {
// Create HttpClient Object
client = new DefaultHttpClient();
enableSSL(client);
}
StringBuilder urlString=new StringBuilder();
urlString.append(url);
urlString.append("?");
System.out.println("getUTF8XMLString(xml):"+getUTF8XMLString(xml));
try {
urlString.append(URLEncoder.encode( getUTF8XMLString(xml) , "UTF-8" ));
} catch (UnsupportedEncodingException e2) {
// TODO Auto-generated catch block
e2.printStackTrace();
}
String urlReq=urlString.toString();
// 创建Get方法实例
HttpGet httpsgets = new HttpGet(urlReq);
String strRep="";
try {
HttpResponse response = client.execute(httpsgets);
HttpEntity entity = response.getEntity();
if (entity != null) {
strRep = EntityUtils.toString(response.getEntity());
// Do not need the rest
httpsgets.abort();
}
} catch (ClientProtocolException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (IllegalStateException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return strRep;
}
/**
* Send a XML-Formed string to HTTP Server by post method
*
* @param url
* the request URL string
* @param xmlData
* XML-Formed string ,will not check whether this string is
* XML-Formed or not
* @return the HTTP response status code ,like 200 represents OK,404 not
* found
* @throws IOException
* @throws ClientProtocolException
*/
public static String sendXMLDataByPost(String url, String xmlData)
throws ClientProtocolException, IOException {
if (client == null) {
// Create HttpClient Object
client = new DefaultHttpClient();
enableSSL(client);
}
client.getParams().setParameter("http.protocol.content-charset",
HTTP.UTF_8);
client.getParams().setParameter(HTTP.CONTENT_ENCODING, HTTP.UTF_8);
client.getParams().setParameter(HTTP.CHARSET_PARAM, HTTP.UTF_8);
client.getParams().setParameter(HTTP.DEFAULT_PROTOCOL_CHARSET,
HTTP.UTF_8);
// System.out.println(HTTP.UTF_8);
// Send data by post method in HTTP protocol,use HttpPost instead of
// PostMethod which was occurred in former version
// System.out.println(url);
HttpPost post = new HttpPost(url);
post.getParams().setParameter("http.protocol.content-charset",
HTTP.UTF_8);
post.getParams().setParameter(HTTP.CONTENT_ENCODING, HTTP.UTF_8);
post.getParams().setParameter(HTTP.CHARSET_PARAM, HTTP.UTF_8);
post.getParams()
.setParameter(HTTP.DEFAULT_PROTOCOL_CHARSET, HTTP.UTF_8);
// Construct a string entity
StringEntity entity = new StringEntity(getUTF8XMLString(xmlData), "UTF-8");
entity.setContentType("text/xml;charset=UTF-8");
entity.setContentEncoding("UTF-8");
// Set XML entity
post.setEntity(entity);
// Set content type of request header
post.setHeader("Content-Type", "text/xml;charset=UTF-8");
// Execute request and get the response
HttpResponse response = client.execute(post);
HttpEntity entityRep = response.getEntity();
String strrep="";
if (entityRep != null) {
strrep = EntityUtils.toString(response.getEntity());
// Do not need the rest
post.abort();
}
// Response Header - StatusLine - status code
// statusCode = response.getStatusLine().getStatusCode();
return strrep;
}
/**
* Get XML String of utf-8
*
* @return XML-Formed string
*/
public static String getUTF8XMLString(String xml) {
// A StringBuffer Object
StringBuffer sb = new StringBuffer();
sb.append(xml);
String xmString = "";
try {
xmString = new String(sb.toString().getBytes("UTF-8"));
} catch (UnsupportedEncodingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
// return to String Formed
return xmString.toString();
}
}
第二种仿http的不用HttpClient 都是jdk自带的包
package org.sp.sc.util;
import Java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.NET.URL;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.Net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
/**
* 无视Https证书是否正确的JavaHttp Client
*
*
* @author huangxuebin
*
* @create 2012.8.17
* @version 1.0
*/
public class HttpsUtil {
/**
* 忽视证书HostName
*/
private static HostnameVerifier ignoreHostnameVerifier = new HostnameVerifier() {
public boolean verify(String s, SSLSession sslsession) {
System.out.println("WARNING: Hostname is not matched for cert.");
return true;
}
};
/**
* Ignore Certification
*/
private static TrustManager ignoreCertificationTrustManger = new X509TrustManager() {
private X509Certificate[] certificates;
@Override
public void checkClientTrusted(X509Certificate certificates[],
String authType) throws CertificateException {
if (this.certificates == null) {
this.certificates = certificates;
System.out.println("init at checkClientTrusted");
}
}
@Override
public void checkServerTrusted(X509Certificate[] ax509certificate,
String s) throws CertificateException {
if (this.certificates == null) {
this.certificates = ax509certificate;
System.out.println("init at checkServerTrusted");
}
// for (int c = 0; c < certificates.length; c++) {
// X509Certificate cert = certificates[c];
// System.out.println(" Server certificate " + (c + 1) + ":");
// System.out.println(" Subject DN: " + cert.getSubjectDN());
// System.out.println(" Signature Algorithm: "
// + cert.getSigAlgName());
// System.out.println(" Valid from: " + cert.getNotBefore());
// System.out.println(" Valid until: " + cert.getNotAfter());
// System.out.println(" Issuer: " + cert.getIssuerDN());
// }
}
@Override
public X509Certificate[] getAcceptedIssuers() {
// TODO Auto-generated method stub
return null;
}
};
public static String getMethod(String urlString) {
ByteArrayOutputStream buffer = new ByteArrayOutputStream(512);
try {
URL url = new URL(urlString);
/*
* use ignore host name verifier
*/
HttpsURLConnection.setDefaultHostnameVerifier(ignoreHostnameVerifier);
HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();
// Prepare SSL Context
TrustManager[] tm = { ignoreCertificationTrustManger };
SSLContext sslContext = SSLContext.getInstance("SSL", "SunJSSE");
sslContext.init(null, tm, new java.security.SecureRandom());
// 从上述SSLContext对象中得到SSLSocketFactory对象
SSLSocketFactory ssf = sslContext.getSocketFactory();
connection.setSSLSocketFactory(ssf);
InputStream reader = connection.getInputStream();
byte[] bytes = new byte[512];
int length = reader.read(bytes);
do {
buffer.write(bytes, 0, length);
length = reader.read(bytes);
} while (length > 0);
// result.setResponseData(bytes);
System.out.println(buffer.toString());
reader.close();
connection.disconnect();
} catch (Exception ex) {
ex.printStackTrace();
} finally {
}
String repString= new String (buffer.toByteArray());
return repString;
}
// public static void main(String[] args) {
// String urlString = "https://218.202.0.241:8081/XMLReceiver";
// String output = new String(HttpsUtil.getMethod(urlString));
// System.out.println(output);
// }
}
关于httpclient 请求https (如何绕过证书验证)的更多相关文章
- 轻松把玩HttpClient之配置ssl,采用绕过证书验证实现https
上篇文章说道httpclient不能直接访问https的资源,这次就来模拟一下环境,然后配置https测试一下.在前面的文章中,分享了一篇自己生成并在tomcat中配置ssl的文章<Tomcat ...
- [Java] 绕过证书验证调 HTTPS 接口时报 “SSLHandshakeException: DHPublicKey does not comply to algorithm constraints”的解决办法
作者: zyl910 一.缘由 最近有在对接一个无证书的HTTPS接口时,总是收到"SSLHandshakeException: DHPublicKey does not comply to ...
- [转]java 关于httpclient 请求https (如何绕过证书验证)
原文:http://www.blogjava.net/hector/archive/2012/10/23/390073.html 第一种方法,适用于httpclient4.X 里边有get和post两 ...
- httpclient绕过证书验证进行HTTPS请求
http请求是我们常用的一种web应用的应用层协议,但是由于它的不安全性,现在正在逐渐向https协议过渡.https协议是在http的基础上进行了隧道加密,加密方式有SSL和TLS两种.当serve ...
- linux 测试 get 请求 跳过SSL证书验证
Linux 下测试 get 请求: curl : curl "http://www.qq.com" # 标准输出页面内容 curl -i "http://www.qq.c ...
- Axis 1 https(SSL) client 证书验证错误ValidatorException workaround
Axis 1.x 编写的client在测试https的webservice的时候, 由于client 代码建立SSL连接的时候没有对truststore进行设置,在与https部署的webservic ...
- Android 实现 HttpClient 请求Https
如题,默认下,HttpClient是不能请求Https的,需要自己获取 private static final int SET_CONNECTION_TIMEOUT = 5 * 1000; priv ...
- java请求https地址如何绕过证书验证?
原文http://www.blogjava.net/hector/archive/2012/10/23/390073.html 第一种方法,适用于httpclient4.X 里边有get和post两种 ...
- 请求https前缀的网站验证SSL证书的解决方案之一
from requests.packages.urllib3.exceptions import InsecureRequestWarning # 禁用安全请求警告requests.packages. ...
随机推荐
- 用IE滤镜实现的一些特效
CSS3是当下非常火的一个话题,很多浏览器都已经开始支持这一特性,然后IE这个拥有庞大用户群体的平台,却无法提供这样的支持,即便是IE9发布,也无法改变这一事实,然而,幸运的是,IE并非在这方面毫无作 ...
- php格式化时间
1.Y 年份的四位数 2.m 月份的数字(01-12) 3.d 一个月中的第几天(01-31) 4.w 星期几的数字表示(0-6) 5.H 24小时制(00-23) 6.i 分(00-59) 7.s ...
- 结构型设计模式之享元模式(Flyweight)
结构 意图 运用共享技术有效地支持大量细粒度的对象. 适用性 一个应用程序使用了大量的对象. 完全由于使用大量的对象,造成很大的存储开销. 对象的大多数状态都可变为外部状态. 如果删除对象的外部状态, ...
- 大(NOIP模拟赛Round #10)
题目描述: 小Z有个n个点的高清大图,每个点有且只有一条单向边的出边.现在你可以翻转其中的一些边,使他从任何一个点都不能通过一些道路走回这个点.为了方便,你只需输出方案数对取模即可.当在两个方案中有任 ...
- 基于CSOCKET的Client简单实例(转)
原文转自 http://blog.csdn.net/badagougou/article/details/78410382 第一步:创建一个基类为CSOCKET类的新类,Cclient,并在主对话框类 ...
- python接口自动化1-发送get请求【转载】
本篇转自博客:上海-悠悠 原文地址:http://www.cnblogs.com/yoyoketang/tag/python%E6%8E%A5%E5%8F%A3%E8%87%AA%E5%8A%A8%E ...
- Postman前端HTTP请求调试神器教程
Postman功能: 主要用于模拟网络请求包 快速创建请求 回放.管理请求 快速设置网络代理 我们看下界面: 一 接口请求流程: 二 postman使用 从流程图中我们可以看出,一个接口请求需要设 ...
- Web开发之编码与解码、签名、加密与解密
在Web开发中,编码与解码.签名.加密与解密是非常常见的问题.本文不会介绍具体实例,而是介绍这些的原理.用途与区别.一.编码与解码 在Web开发中,需要通过URL的query参数来传递数 ...
- Python的网络编程[1] -> FTP 协议[1] -> 使用 pyftplib 建立 FTP 服务器
使用 pyftplib 建立 FTP 服务器 pyftplib 主要用于建立 FTP Server,与 ftplib 建立的 Client 进行通信. 快速导航 1. 模块信息 2. 建立 FTP 服 ...
- 由"软件是干什么的"引发的思考
自工作以来,都只在进行模块的开发,很少站在整个项目的角度思考过.甚至,自己开发的软件,自己都没有去用过,包括开发的一些APP,都没有下载来认真体验过.思考过.却对自己手机上那些用过的A ...