生成证书

openssl genrsa -des3 -out server.key 2048
openssl req -new -x509 -key server.key -out ca.crt -days 3650
openssl pkcs12 -export -out server.p12 -inkey server.key -in server.crt

1.继承SSLSocketFactory

/**
* Author:JsonLu
* DateTime:2016/5/31 19:46
* Email:jsonlu@qq.com
* Desc:
**/
public class SecureSSLSocketFactory extends SSLSocketFactory { private final SSLContext sslContext = SSLContext.getInstance("TLS"); public SecureSSLSocketFactory(KeyStore keystore, String keystorePassword, KeyStore truststore) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
super(keystore, keystorePassword, truststore);
try {
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(keystore, keystorePassword.toCharArray());
KeyManager[] km = keyManagerFactory.getKeyManagers();
TrustManager[] tm = null;
if (truststore == null) {
tm = new TrustManager[] { new X509TrustManager() {
@Override
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[] {};
}
@Override
public void checkServerTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {
} @Override
public void checkClientTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {
}
} };
} else {
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(truststore);
tm = trustManagerFactory.getTrustManagers();
}
sslContext.init(km, tm, null);
} catch (Exception e) {
e.printStackTrace();
}
} @Override
public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException, UnknownHostException {
return sslContext.getSocketFactory().createSocket(socket, host, port, autoClose);
} @Override
public Socket createSocket() throws IOException {
return sslContext.getSocketFactory().createSocket();
}
}

2.

/**
* Author:JsonLu
* DateTime:2016/5/31 20:02
* Email:jsonlu@qq.com
* Desc:
**/
public class SecureHttpsClient extends DefaultHttpClient { private static KeyStore keyStore,trustStore;
private static String keyStorePwd;
private Context ctx;
private final String KEYSTORE_FILE = "client.p12";
private final String TRUESTSTORE_FILE = "server.p12";
private final String KEYSTORE_PWD = "a123456789";
private final String TRUESTSORE_PWD = "a123456"; public SecureHttpsClient(Context context){
ctx = context;
init(KEYSTORE_FILE,KEYSTORE_PWD,TRUESTSTORE_FILE,TRUESTSORE_PWD);
} public void init(KeyStore keyStore,KeyStore trustStore,String keyStorePwd){
this.keyStore = keyStore;
this.trustStore = trustStore;
this.keyStorePwd = keyStorePwd;
} public void init(String keyStoreFile,String keyStorePwd,String trustStoreFile,String truestStorePwd){
this.keyStore = getKeyStoreByP12(keyStoreFile,keyStorePwd);
this.trustStore = getKeyStoreByP12(trustStoreFile,truestStorePwd);
this.keyStorePwd = keyStorePwd;
} @Override
protected ClientConnectionManager createClientConnectionManager() {
try {
SecureSSLSocketFactory sf = new SecureSSLSocketFactory(keyStore, keyStorePwd, trustStore);
sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
HttpParams params = new BasicHttpParams();
HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
HttpProtocolParams.setContentCharset(params, HTTP.UTF_8);
SchemeRegistry registry = new SchemeRegistry();
registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
registry.register(new Scheme("https", sf, 443));
ClientConnectionManager ccm = new ThreadSafeClientConnManager(params, registry);
return ccm;
} catch (Exception e) {
e.printStackTrace();
}
return null;
} public KeyStore getKeyStoreByP12(String p12File, String p12Pwd) {
InputStream p12In = null;
try {
p12In = ctx.getResources().getAssets().open(p12File);
KeyStore keyStore = KeyStore.getInstance("PKCS12");
keyStore.load(p12In, p12Pwd.toCharArray());
return keyStore;
} catch (Exception e) {
e.printStackTrace();
return null;
} finally {
try {
if (p12In != null) {
p12In.close();
}
} catch (Exception e2) {
e2.printStackTrace();
}
}
}
}

3.

/**
* Author:JsonLu
* DateTime:2016/5/31 20:28
* Email:jsonlu@qq.com
* Desc:
**/
public class CallServer { private final String HTTPS_URL = "https://192.168.8.116:8443/"; private DefaultHttpClient getSumpayHttpsClient(Context context) {
SecureHttpsClient client = new SecureHttpsClient(context);
client.getParams().setIntParameter(HttpConnectionParams.CONNECTION_TIMEOUT,60);
client.getParams().setIntParameter(HttpConnectionParams.SO_TIMEOUT,60);
return client;
} public String goHttpsPost(String method,HashMap<String, String> reqParmas, Context context) {
String result = null;
HttpPost post = new HttpPost(HTTPS_URL + method);
HttpResponse response;
try {
List<NameValuePair> nameValuePairs = new ArrayList<NameValuePair>();
Set<String> paramsKeySet = reqParmas.keySet();
Iterator<String> ite = paramsKeySet.iterator();
while (ite.hasNext()) {
String key = ite.next();
nameValuePairs.add(new BasicNameValuePair(key, reqParmas
.get(key)));
}
post.setEntity(new UrlEncodedFormEntity(nameValuePairs, "utf-8"));
DefaultHttpClient httpClient = getSumpayHttpsClient(context);
response = httpClient.execute(post);
if (response.getStatusLine().getStatusCode() != 404) {
result = EntityUtils.toString(response.getEntity(), "utf-8");
} else { }
} catch (IOException e) {
e.printStackTrace();
return null;
} finally {
post.abort();
}
Log.d("https请求返回数据",result);
return result;
}
}

4.

/**
* Author:JsonLu
* DateTime:2016/5/31 20:33
* Email:jsonlu@qq.com
* Desc:
**/
public class DemoHttps extends Activity{ private CallServer callServer = new CallServer();
private TextView tv_content;
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_main);
tv_content = (TextView) findViewById(R.id.content);
} public void onClick(View v){
new Thread(){
@Override
public void run() {
HashMap hashMap = new HashMap<String,String>();
hashMap.put("data","data");
String res = callServer.goHttpsPost("https", hashMap, getBaseContext());
Message msg = new Message();
msg.obj = res;
handler.sendMessage(msg);
}
}.start();
} Handler handler = new Handler(){
@Override
public void handleMessage(Message msg) {
tv_content.setText((String) msg.obj);
}
};
}

  

HTTPS双向认证的更多相关文章

  1. HTTPS 双向认证构建移动设备安全体系

    HTTPS 双向认证构建移动设备安全体系 对于一些高安全性要求的企业内项目,我们有时希望能够对客户端进行验证.这个时候我们可以使用Https的双向认证机制来实现这个功能. 单向认证:保证server是 ...

  2. Tomcat 配置 HTTPS双向认证

    Tomcat 配置 HTTPS 双向认证指引说明: � 本文档仅提供 Linux 操作系统下的指引 � 在阅读本指引前请您在 Linux 部署 JDK 和 Tomcatserver为了 Tomcat ...

  3. httpd设置HTTPS双向认证

    去年用tomcat.jboss配置过HTTPS双向认证,那时候主要用的是JDK自带的keytool工具.这次是用httpd + openssl,区别比较大 在网上搜索了很多文章,发现全面介绍的不多,或 ...

  4. Https双向认证Android客户端配置

    Https .cer证书转换为BKS证书 公式https://blog.csdn.net/zww986736788/article/details/81708967 keytool -importce ...

  5. Android Https双向认证 + GRPC

    keywords:android https 双向认证android GRPC https 双向认证 ManagedChannel channel = OkHttpChannelBuilder.for ...

  6. 双向认证 HTTPS双向认证

    [微信支付]微信小程序支付开发者文档 https://pay.weixin.qq.com/wiki/doc/api/wxa/wxa_api.php?chapter=4_3 HTTPS双向认证使用说明 ...

  7. https双向认证訪问管理后台,採用USBKEY进行系统訪问的身份鉴别,KEY的证书长度大于128位,使用USBKEY登录

    近期项目需求,须要实现用USBKEY识别用户登录,採用https双向认证訪问管理后台管理界面,期间碰到过一些小问题,写出来给大家參考下. 1:前期准备工作 USBKEY 硬件:我买的是飞天诚信 epa ...

  8. nodejs之https双向认证

    说在前面 之前我们总结了https的相关知识,如果不懂可以看我另一篇文章:白话理解https 有关证书生成可以参考:自签证书生成 正题 今天使用nodejs来实现https双向认证 话不多说,直接进入 ...

  9. SpringBoot服务间使用自签名证书实现https双向认证

    SpringBoot服务间使用自签名证书实现https双向认证 以服务server-one和server-two之间使用RestTemplate以https调用为例 一.生成密钥 需要生成server ...

  10. Keytool配置 Tomcat的HTTPS双向认证

    Keytool配置 Tomcat的HTTPS双向认证 证书生成 keytool 简介 Keytool是一个Java数据证书的管理工具, Keytool将密钥(key)和证书(certificates) ...

随机推荐

  1. 显示Mac电脑下的隐藏文件

    1. 在应用程序里打开终端, cd 你的文件夹名 ls -a 即可显示该文件夹下的所有隐藏文件 2. 如果你想打开整个系统的隐藏文件可以在终端下输入以下命令 defaults write com.ap ...

  2. Solr4.8.0源码分析(23)之SolrCloud的Recovery策略(四)

    Solr4.8.0源码分析(23)之SolrCloud的Recovery策略(四) 题记:本来计划的SolrCloud的Recovery策略的文章是3篇的,但是没想到Recovery的内容蛮多的,前面 ...

  3. 转:六百字读懂Git

    原文来自于:http://www.techug.com/git-in-600-words 译注:来自 Hacker School 的 Mary Rose Cook 最近实现了一个纯 JavaScrip ...

  4. PHP中的MVC

    在PHP中使用MVC越来越流行了,特别是在一些开源的框架当中.MVC足以应对大多数的情况,但还有一些情况是其不太适合的,如比较简单的个人博客,对于只有几百篇文章量级的博客,使用MVC让人觉得有些太复杂 ...

  5. Java增强的泛型

    尽管Java 8是2014年年初才发布的,而Java 9要等到2016年年中,但是目前有一些计划放到某个未来版本(希望是Java 10)中的特性已经合并了进来. 具体而言,有两个比较大的特性已经开始原 ...

  6. Robot Motion

    Description A robot has been programmed to follow the instructions in its path. Instructions for the ...

  7. keil uVision4一些使用总结(汉字注释,C关键字等)

    近日心血来潮,下载了最新的版的keil,再加上protues ,想弄个虚拟环境.主要原因还是经济问题.电子元件,是要花钱的... 今天遇到些keil uVision 4使用方面的问题,记录下来,方便以 ...

  8. 如何用正则匹配后缀名不为.jpg, .css, .js, .html, .htm, .png的文件

    有网友碰到过这样的问题:如何用正则匹配后缀名不为.jpg, .css, .js, .html, .htm, .png的文件,问题详细内容为: 如何用正则匹配后缀名不为.jpg, .css, .js, ...

  9. CH Round #58 - OrzCC杯noip模拟赛day2

    A:颜色问题 题目:http://ch.ezoj.tk/contest/CH%20Round%20%2358%20-%20OrzCC杯noip模拟赛day2/颜色问题 题解:算一下每个仆人到它的目的地 ...

  10. 实战weblogic集群之安装weblogic

    一.系统及软件版本 OS版本:Red Hat Enterprise Linux Server release 6.6WebLogic Server 版本: 10.3.3.0JDK版本:1.7.0_79 ...