java 主动信任证书

SSLContext sslcontext = SSLContexts.custom().loadKeyMaterial(keyStore, mid.toCharArray()).loadTrustMaterial(keyStore, new TrustStrategy() {

    // 信任所有

    public boolean isTrusted(java.security.cert.X509Certificate[] chain, String authType) {

        return true;

    }

}).build();

SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslcontext, new String[] { "TLSv1" },

            null, SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);

包: https://files.cnblogs.com/files/xiluhua/httpclient-4.3.3.zip

完整代码:

package com.taiping.dianshang.payment.service.wechat.fromWechat;

import java.security.cert.CertificateException;

import java.security.cert.X509Certificate;

import java.util.Map;

import javax.net.ssl.SSLContext;

import javax.net.ssl.TrustManager;

import javax.net.ssl.X509TrustManager;

import org.apache.http.HttpEntity;

import org.apache.http.HttpHost;

import org.apache.http.HttpResponse;

import org.apache.http.client.methods.HttpPost;

import org.apache.http.conn.ClientConnectionManager;

import org.apache.http.conn.params.ConnRoutePNames;

import org.apache.http.conn.scheme.Scheme;

import org.apache.http.conn.scheme.SchemeRegistry;

import org.apache.http.conn.ssl.SSLSocketFactory;

import org.apache.http.entity.StringEntity;

import org.apache.http.impl.client.DefaultHttpClient;

import org.springframework.stereotype.Component;

import com.taiping.dianshang.constant.ConstantTool;

import com.taiping.facility.cache.container.CacheContainer;

import com.taiping.facility.tool.FileStreamTool;

import com.taiping.facility.tool.LogTool;

import com.taiping.facility.tool.MapTool;

import com.taiping.facility.tool.PropertyFileTool;

/**

 *

 * @author xilh

 * @since 20200409

 */

@Component

public class HttpclientImpl_ssl {

	/**

	 * @author xilh

	 * @since 20200324

	 */

	@SuppressWarnings({ "unchecked", "deprecation" })

	public String post(String url, Object obj, Map<String, Object> httpclientParams) throws Exception {

		HttpPost httpPost = null;

		String responseMsg = null;

		Map<String, Object> map  = (Map<String, Object>)obj;

		String trans = MapTool.getStringFromMap(map, "trans");

		String packet = MapTool.getStringFromMap(map, "packet");

		DefaultHttpClient httpclient = new DefaultHttpClient();

		// 代理的设置

		String value = CacheContainer.getSystemParameterValue("internet.proxy");

		if (LogTool.isLocal) {

			value = PropertyFileTool.get("internet.proxy");

		}

		LogTool.info(this.getClass(), trans+", proxy: "+value);

		String[] arr = value.split(":");

        HttpHost proxy = new HttpHost(arr[0], Integer.valueOf(arr[1]));

        httpclient.getParams().setParameter(ConnRoutePNames.DEFAULT_PROXY, proxy);

		try {

			// Secure Protocol implementation.

			SSLContext ctx = SSLContext.getInstance("TLS");

			// Implementation of a trust manager for X509 certificates

			X509TrustManager tm = new X509TrustManager() {

				public void checkClientTrusted(X509Certificate[] xcs, String string) throws CertificateException {

				}

				public void checkServerTrusted(X509Certificate[] xcs, String string) throws CertificateException {

				}

				public X509Certificate[] getAcceptedIssuers() {

					return null;

				}

			};

			ctx.init(null, new TrustManager[] { tm }, null);

			SSLSocketFactory ssf = new SSLSocketFactory(ctx, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);

			ClientConnectionManager ccm = httpclient.getConnectionManager();

			// register https protocol in httpclient's scheme registry

			SchemeRegistry sr = ccm.getSchemeRegistry();

			sr.register(new Scheme("https", 443, ssf));

			httpclient = new DefaultHttpClient(ccm, httpclient.getParams());

			// String auth = CacheContainer.getSysParamValue("authorization.token.18", true);

			// appKey :"TPJJ"     appSecret: "yMJlPH9RnjxpqhyysxaIXYT82U1Sh32q"

			//装配post请求参数

			httpPost = new HttpPost(url);

			httpPost.setHeader("Content-Type","application/json;charset=UTF-8");

//	        List<BasicNameValuePair> list = new ArrayList<BasicNameValuePair>();

//	        list.add(new BasicNameValuePair("appKey", "TPJJ"));

//	        list.add(new BasicNameValuePair("appSecret", "yMJlPH9RnjxpqhyysxaIXYT82U1Sh32q"));

//	        list.add(new BasicNameValuePair("tokenExpireDay", "7"));

	        httpPost.setEntity(new StringEntity((String)packet,"application/json", ConstantTool.UTF8));

			HttpResponse response = httpclient.execute(httpPost);

			HttpEntity entity = response.getEntity();

			byte buffer[] = FileStreamTool.read(entity.getContent());

			LogTool.info(this.getClass(), trans+", buffer size: "+buffer.length);

			if (buffer != null && buffer.length > 0) {

				responseMsg = new String(buffer, ConstantTool.UTF8);

			}

			LogTool.info(this.getClass(), trans+", responseMsg: "+responseMsg);

			System.out.println();

		} catch (Exception e) {

			LogTool.error(this.getClass(), e);

		} finally{

			if (httpPost != null) {

				// 关闭请求

				httpPost.releaseConnection();

			}

		}

		return responseMsg;

	}

}

  

java 主动信任证书的更多相关文章

  1. java将SSL证书导入系统密钥库

    之前安装JIRA和Confluence,配置了SSL证书之后遇到应用程序链接的问题: SSL证书不被信任,导致JIRA和Confluence无法关联. 尝试过很多办法无果之后打算放弃. 最终还是放弃了 ...

  2. 【Java】Java与数字证书

    Java与数字证书 Java与数字证书 证书的签发和应用 证书的内容和意义 其它 证书(Certificate,也称public-key certificate)是用某种签名算法对某些内容(比如公钥) ...

  3. https本地自签名证书添加到信任证书访问

    1.背景 本文适用于基于https(http+ssl)的网站通信.本地调试等,上线是请寻找免费 ssl证书申请. 本地调试过程中,一些特殊的场景需要我使用http+ssl通信,比如在Chrome中使用 ...

  4. JAVA中SSL证书认证通讯

    JAVA中SSL证书认证通讯 SSL通讯服务端 /******************************************************************** * 项目名称 ...

  5. nginx https ssl 设置受信任证书[转然哥]

    nginx https ssl 设置受信任证书[原创] 1. 安装nginx 支持ssl模块 http://nginx.org/en/docs/configure.html yum -y instal ...

  6. 抓包工具fiddler下载配置(一):下载/安装&信任证书

    简介 Fiddler一个http协议调试代理工具,它能够记录并检查所有你的电脑和互联网之间的http通讯,设置断点,查看所有的“进出”Fiddler的数据(指cookie,html,js,css等文件 ...

  7. 【证书】curl 和 java 请求报证书错误

    1. 说明: 以下:例子的域名因为工作环境的问题,被我拿自己的博客域名替代了,所以无法进行模拟测试,请珍重,哈哈! 2. 环境: centos:7.5 java jdk:1.8.0_74 3. cur ...

  8. java HttpClient 忽略证书的信任的实现 MySSLProtocolSocketFactory

    当不需要任何证书访问https时,java中先实现一个MySSLProtocolSocketFactory类忽略证书的信任 package com.tgb.mq.producer.utils; imp ...

  9. httpclient 无信任证书使用https

    1.当不需要使用任何证书访问https网页时,只需配置信任任何证书 HttpClient http = new HttpClient(); String url = "https://pay ...

随机推荐

  1. iSensor APP 之 摄像头调试 OV3640 OV2640 MT9d112 ov5642

    iSensor APP 之 摄像头调试  OV3640 OV2640 MT9d112 iSensor app 非常适合调试各种摄像头,已测试通过的sensor有: l  OV7670.OV7725.O ...

  2. MT9V034 全局快门体验总结

    MT9V034 全局快门体验总结 部分照片来源网络,尊重版权. . 这个是实物照片 全局快门(相对滚动快门) 拍摄高速物体的效果 高动态效果 低照度和高照度对比 实际拍照效果图(来自网友华健) 特殊应 ...

  3. 国内下载vscode速度慢解决

    找到对应的文件,点击下载,会出现一个类似下面的链接: https://az764295.vo.msecnd.net/stable/f06011ac164ae4dc8e753a3fe7f9549844d ...

  4. k8s 开船记:升级为豪华邮轮(高可用集群)与遇到奇怪故障(dns解析异常)

    之前我们搭建的 k8s 集群只用了1台 master ,可用性不高,这两天开始搭建高可用集群,但由于之前用 kubeadm 命令创建集群时没有使用 --control-plane-endpoint 参 ...

  5. TypeScript躬行记(3)——类

    类是对对象的抽象,描述了对象的特征和行为,而对象就是类的实例.ES6引入了类的概念(相关内容可参考ES类和ES6类的继承两节),TypeScript在此基础上,不仅根据ES7等规范完善了类的语法,还添 ...

  6. python基础入门 列表

    列表 1.关键字---list 2.定义:用来存储数据可存储多种数据类型 支持索引,切片 是有序的 可变的 3.定义一个列表 l1 = ['列表','字符串','lnh',123,'kk0','ttt ...

  7. Cesium案例解析(二)——ImageryLayers影像图层

    目录 1. 概述 2. 实例 2.1. ImageryLayers.html 2.2. ImageryLayers.js 2.2.1. 代码 2.2.2. 解析 3. 结果 1. 概述 Cesium支 ...

  8. aspnet boilerplate 随笔二

    项目框架介绍: 1:Application: 在service里面事件具体业务,Dto相当于viewmodel实现了验证 2:Core:实现了数据层Model   3:EntityFrameworkC ...

  9. SpringCloud-服务注册与实现-Eureka创建服务注册中心(附源码下载)

    场景 SpringCloud学习之运行第一个Eureka程序: https://blog.csdn.net/BADAO_LIUMANG_QIZHI/article/details/90611451 S ...

  10. CAS客户端与SpringSecurity集成

    4. CAS客户端与SpringSecurity集成 4.1 Spring Security测试工程搭建 (1)建立Maven项目casclient_demo3 ,引入spring依赖和spring ...