java 主动信任证书

SSLContext sslcontext = SSLContexts.custom().loadKeyMaterial(keyStore, mid.toCharArray()).loadTrustMaterial(keyStore, new TrustStrategy() {

    // 信任所有

    public boolean isTrusted(java.security.cert.X509Certificate[] chain, String authType) {

        return true;

    }

}).build();

SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslcontext, new String[] { "TLSv1" },

            null, SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);

包: https://files.cnblogs.com/files/xiluhua/httpclient-4.3.3.zip

完整代码:

package com.taiping.dianshang.payment.service.wechat.fromWechat;

import java.security.cert.CertificateException;

import java.security.cert.X509Certificate;

import java.util.Map;

import javax.net.ssl.SSLContext;

import javax.net.ssl.TrustManager;

import javax.net.ssl.X509TrustManager;

import org.apache.http.HttpEntity;

import org.apache.http.HttpHost;

import org.apache.http.HttpResponse;

import org.apache.http.client.methods.HttpPost;

import org.apache.http.conn.ClientConnectionManager;

import org.apache.http.conn.params.ConnRoutePNames;

import org.apache.http.conn.scheme.Scheme;

import org.apache.http.conn.scheme.SchemeRegistry;

import org.apache.http.conn.ssl.SSLSocketFactory;

import org.apache.http.entity.StringEntity;

import org.apache.http.impl.client.DefaultHttpClient;

import org.springframework.stereotype.Component;

import com.taiping.dianshang.constant.ConstantTool;

import com.taiping.facility.cache.container.CacheContainer;

import com.taiping.facility.tool.FileStreamTool;

import com.taiping.facility.tool.LogTool;

import com.taiping.facility.tool.MapTool;

import com.taiping.facility.tool.PropertyFileTool;

/**

 *

 * @author xilh

 * @since 20200409

 */

@Component

public class HttpclientImpl_ssl {

	/**

	 * @author xilh

	 * @since 20200324

	 */

	@SuppressWarnings({ "unchecked", "deprecation" })

	public String post(String url, Object obj, Map<String, Object> httpclientParams) throws Exception {

		HttpPost httpPost = null;

		String responseMsg = null;

		Map<String, Object> map  = (Map<String, Object>)obj;

		String trans = MapTool.getStringFromMap(map, "trans");

		String packet = MapTool.getStringFromMap(map, "packet");

		DefaultHttpClient httpclient = new DefaultHttpClient();

		// 代理的设置

		String value = CacheContainer.getSystemParameterValue("internet.proxy");

		if (LogTool.isLocal) {

			value = PropertyFileTool.get("internet.proxy");

		}

		LogTool.info(this.getClass(), trans+", proxy: "+value);

		String[] arr = value.split(":");

        HttpHost proxy = new HttpHost(arr[0], Integer.valueOf(arr[1]));

        httpclient.getParams().setParameter(ConnRoutePNames.DEFAULT_PROXY, proxy);

		try {

			// Secure Protocol implementation.

			SSLContext ctx = SSLContext.getInstance("TLS");

			// Implementation of a trust manager for X509 certificates

			X509TrustManager tm = new X509TrustManager() {

				public void checkClientTrusted(X509Certificate[] xcs, String string) throws CertificateException {

				}

				public void checkServerTrusted(X509Certificate[] xcs, String string) throws CertificateException {

				}

				public X509Certificate[] getAcceptedIssuers() {

					return null;

				}

			};

			ctx.init(null, new TrustManager[] { tm }, null);

			SSLSocketFactory ssf = new SSLSocketFactory(ctx, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);

			ClientConnectionManager ccm = httpclient.getConnectionManager();

			// register https protocol in httpclient's scheme registry

			SchemeRegistry sr = ccm.getSchemeRegistry();

			sr.register(new Scheme("https", 443, ssf));

			httpclient = new DefaultHttpClient(ccm, httpclient.getParams());

			// String auth = CacheContainer.getSysParamValue("authorization.token.18", true);

			// appKey :"TPJJ"     appSecret: "yMJlPH9RnjxpqhyysxaIXYT82U1Sh32q"

			//装配post请求参数

			httpPost = new HttpPost(url);

			httpPost.setHeader("Content-Type","application/json;charset=UTF-8");

//	        List<BasicNameValuePair> list = new ArrayList<BasicNameValuePair>();

//	        list.add(new BasicNameValuePair("appKey", "TPJJ"));

//	        list.add(new BasicNameValuePair("appSecret", "yMJlPH9RnjxpqhyysxaIXYT82U1Sh32q"));

//	        list.add(new BasicNameValuePair("tokenExpireDay", "7"));

	        httpPost.setEntity(new StringEntity((String)packet,"application/json", ConstantTool.UTF8));

			HttpResponse response = httpclient.execute(httpPost);

			HttpEntity entity = response.getEntity();

			byte buffer[] = FileStreamTool.read(entity.getContent());

			LogTool.info(this.getClass(), trans+", buffer size: "+buffer.length);

			if (buffer != null && buffer.length > 0) {

				responseMsg = new String(buffer, ConstantTool.UTF8);

			}

			LogTool.info(this.getClass(), trans+", responseMsg: "+responseMsg);

			System.out.println();

		} catch (Exception e) {

			LogTool.error(this.getClass(), e);

		} finally{

			if (httpPost != null) {

				// 关闭请求

				httpPost.releaseConnection();

			}

		}

		return responseMsg;

	}

}

  

java 主动信任证书的更多相关文章

  1. java将SSL证书导入系统密钥库

    之前安装JIRA和Confluence,配置了SSL证书之后遇到应用程序链接的问题: SSL证书不被信任,导致JIRA和Confluence无法关联. 尝试过很多办法无果之后打算放弃. 最终还是放弃了 ...

  2. 【Java】Java与数字证书

    Java与数字证书 Java与数字证书 证书的签发和应用 证书的内容和意义 其它 证书(Certificate,也称public-key certificate)是用某种签名算法对某些内容(比如公钥) ...

  3. https本地自签名证书添加到信任证书访问

    1.背景 本文适用于基于https(http+ssl)的网站通信.本地调试等,上线是请寻找免费 ssl证书申请. 本地调试过程中,一些特殊的场景需要我使用http+ssl通信,比如在Chrome中使用 ...

  4. JAVA中SSL证书认证通讯

    JAVA中SSL证书认证通讯 SSL通讯服务端 /******************************************************************** * 项目名称 ...

  5. nginx https ssl 设置受信任证书[转然哥]

    nginx https ssl 设置受信任证书[原创] 1. 安装nginx 支持ssl模块 http://nginx.org/en/docs/configure.html yum -y instal ...

  6. 抓包工具fiddler下载配置(一):下载/安装&信任证书

    简介 Fiddler一个http协议调试代理工具,它能够记录并检查所有你的电脑和互联网之间的http通讯,设置断点,查看所有的“进出”Fiddler的数据(指cookie,html,js,css等文件 ...

  7. 【证书】curl 和 java 请求报证书错误

    1. 说明: 以下:例子的域名因为工作环境的问题,被我拿自己的博客域名替代了,所以无法进行模拟测试,请珍重,哈哈! 2. 环境: centos:7.5 java jdk:1.8.0_74 3. cur ...

  8. java HttpClient 忽略证书的信任的实现 MySSLProtocolSocketFactory

    当不需要任何证书访问https时,java中先实现一个MySSLProtocolSocketFactory类忽略证书的信任 package com.tgb.mq.producer.utils; imp ...

  9. httpclient 无信任证书使用https

    1.当不需要使用任何证书访问https网页时,只需配置信任任何证书 HttpClient http = new HttpClient(); String url = "https://pay ...

随机推荐

  1. 使用iCamera 测试MT9F002 1400w高分辨率摄像头说明

    一.硬件准备 l MT9F002摄像头模块 l iCamera 硬件主板CC1601 l MT9F002转接板(FPC_MT9F002 CB1602) 二.软件准备 l 下载iCamera软件 l 安 ...

  2. 从RTL视图到Verilog语言-转可乐豆原创

    从RTL视图到Verilog语言 曾经听过某位大牛都说:“当你的学习FPGA到一个境界的时候,你看到的硬件描述语言,将不再是单纯的语言,而是由一个个逻辑门组成的电路图,一旦达到这个境界,方能把代码写到 ...

  3. Qt5教程: (9) Qt多线程

    目录 0. 创建工程 1. QThread 源码一览 2. QThread相关方法介绍 2.1 启动线程 2.2 关闭线程 2.3 阻塞线程 2.4线程状态判断 2.5 设置优先级 2.6 信号 3. ...

  4. scikit-learn与数据预处理

    .caret, .dropup > .btn > .caret { border-top-color: #000 !important; } .label { border: 1px so ...

  5. kafka生产消息,streaming消费

    package com.bd.useranalysis.spark.streaming.kafka2es; import com.alibaba.fastjson.JSON; import com.b ...

  6. 3个Spring Boot核心注解,你知道几个?

    Spring Boot 核心注解讲解 Spring Boot 最大的特点是无需 XML 配置文件,能自动扫描包路径装载并注入对象,并能做到根据 classpath 下的 jar 包自动配置. 所以 S ...

  7. 中国剩余定理(CRT)及其拓展(ExCRT)

    中国剩余定理 CRT 推导 给定\(n\)个同余方程 \[ \left\{ \begin{aligned} x &\equiv a_1 \pmod{m_1} \\ x &\equiv ...

  8. python基础知识第七篇(练习)

    # a. 获取内容相同的元素列表 l1 = [11,22,33] l2 = [22,33,44] for l in l1: if l in l2: print(l) # b. 获取 l1 中有, l2 ...

  9. js问题记录(一) -- 关于for in, sort(), 及prototype

    1.关于for in for in : 遍历对象中的可枚举的属性 例子1:for in 遍历对象的键为String类型,所以调用时用Object[key]形式,而不用Object.key形式 < ...

  10. C++生成完全二叉树

    C++生成完全二叉树 2019-12-20 By Gauss 1.背景介绍 完全二叉树是效率很高的数据结构,完全二叉树是由满二叉树而引出来的.对于深度为K的,有n个结点的二叉树,当且仅当其每一个结点都 ...