码迷,mamicode.com
首页 > Web开发 > 详细

HttpClient配置SSL绕过https证书

时间:2018-06-28 15:22:57      阅读:219      评论:0      收藏:0      [点我收藏+]

标签:The   cat   stat   text   als   需要   seh   toc   soft   

https://blog.csdn.net/irokay/article/details/78801307

 

 

HttpClient简介

HTTP 协议可能是现在 Internet 上使用得最多、最重要的协议了,越来越多的 Java 应用程序需要直接通过 HTTP 协议来访问网络资源。虽然在 JDK 的 java.net 包中已经提供了访问 HTTP 协议的基本功能,但是对于大部分应用程序来说,JDK 库本身提供的功能还不够丰富和灵活。HttpClient 是 Apache Jakarta Common 下的子项目,用来提供高效的、最新的、功能丰富的支持 HTTP 协议的客户端编程工具包,并且它支持 HTTP 协议最新的版本和建议。HttpClient 已经应用在很多的项目中,比如 Apache Jakarta 上很著名的另外两个开源项目 Cactus 和 HTMLUnit 都使用了 HttpClient。更多信息请关注http://hc.apache.org/

请求步骤

许多需要后台模拟请求的系统或者框架都用的是httpclient,使用HttpClient发送请求、接收响应很简单,一般需要如下几步即可:

  1. 创建CloseableHttpClient对象。
  2. 创建请求方法的实例,并指定请求URL。如果需要发送GET请求,创建HttpGet对象;如果需要发送POST请求,创建HttpPost对象。
  3. 如果需要发送请求参数,可可调用setEntity(HttpEntity entity)方法来设置请求参数。setParams方法已过时(4.4.1版本)。
  4. 调用HttpGet、HttpPost对象的setHeader(String name, String value)方法设置header信息,或者调用setHeaders(Header[] headers)设置一组header信息。
  5. 调用CloseableHttpClient对象的execute(HttpUriRequest request)发送请求,该方法返回一个CloseableHttpResponse。
  6. 调用HttpResponse的getEntity()方法可获取HttpEntity对象,该对象包装了服务器的响应内容。程序可通过该对象获取服务器的响应内容;调用CloseableHttpResponse的getAllHeaders()、getHeaders(String name)等方法可获取服务器的响应头。
  7. 释放连接。无论执行方法是否成功,都必须释放连接

先看个官方HttpClient通过Http协议发送get请求,请求网页内容的例子:

1.ClientWithResponseHandler.java

/*
 *
 * This software consists of voluntary contributions made by many
 * individuals on behalf of the Apache Software Foundation.  For more
 * information on the Apache Software Foundation, please see
 * <http://www.apache.org/>.
 *
 */

package org.apache.http.examples.client;

import java.io.IOException;

import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.ResponseHandler;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;

/**
 * This example demonstrates the use of the {@link ResponseHandler} to simplify
 * the process of processing the HTTP response and releasing associated resources.
 */
public class ClientWithResponseHandler {

    public final static void main(String[] args) throws Exception {
        CloseableHttpClient httpclient = HttpClients.createDefault();
        try {
            HttpGet httpget = new HttpGet("http://www.baidu.com/");

            System.out.println("Executing request " + httpget.getRequestLine());

            // Create a custom response handler
            ResponseHandler<String> responseHandler = new ResponseHandler<String>() {

                @Override
                public String handleResponse(
                        final HttpResponse response) throws ClientProtocolException, IOException {
                    int status = response.getStatusLine().getStatusCode();
                    if (status >= 200 && status < 300) {
                        HttpEntity entity = response.getEntity();
                        return entity != null ? EntityUtils.toString(entity) : null;
                    } else {
                        throw new ClientProtocolException("Unexpected response status: " + status);
                    }
                }

            };
            String responseBody = httpclient.execute(httpget, responseHandler);
            System.out.println("----------------------------------------");
            System.out.println(responseBody);
        } finally {
            httpclient.close();
        }
    }

}

我把上述例子中的请求地址改为了“http://www.baidu.com/”,运行后控制台可以获取百度首页网页内容:

技术分享图片

下面把地址改为https地址:https://www.baidu.com/,再次尝试运行: 
报错了,提示unable to find valid certification path to requested target,无法通过htpps认证。

正规途径,我们需要将证书导入到密钥库中,现在我们采取另外一种方式:绕过https证书认证实现访问。

2.Method SSLContext

/** 
* 绕过验证 
*   
* @return 
* @throws NoSuchAlgorithmException  
* @throws KeyManagementException  
*/  
public static SSLContext createIgnoreVerifySSL() throws NoSuchAlgorithmException, KeyManagementException {  
        SSLContext sc = SSLContext.getInstance("SSLv3");  

        // 实现一个X509TrustManager接口,用于绕过验证,不用修改里面的方法  
        X509TrustManager trustManager = new X509TrustManager() {  
            @Override  
            public void checkClientTrusted(  
                    java.security.cert.X509Certificate[] paramArrayOfX509Certificate,  
                    String paramString) throws CertificateException {  
            }  

            @Override  
            public void checkServerTrusted(  
                    java.security.cert.X509Certificate[] paramArrayOfX509Certificate,  
                    String paramString) throws CertificateException {  
            }  

            @Override  
            public java.security.cert.X509Certificate[] getAcceptedIssuers() {  
                return null;  
            }  
        };  

        sc.init(null, new TrustManager[] { trustManager }, null);  
        return sc;  
    }

修改1中main方法:

public final static void main(String[] args) throws Exception {

        String body = "";

        //采用绕过验证的方式处理https请求  
        SSLContext sslcontext = createIgnoreVerifySSL();  

        //设置协议http和https对应的处理socket链接工厂的对象  
        Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create()  
            .register("http", PlainConnectionSocketFactory.INSTANCE)  
            .register("https", new SSLConnectionSocketFactory(sslcontext))  
            .build();  
        PoolingHttpClientConnectionManager connManager = new PoolingHttpClientConnectionManager(socketFactoryRegistry);  
        HttpClients.custom().setConnectionManager(connManager); 


        //创建自定义的httpclient对象  
        CloseableHttpClient client = HttpClients.custom().setConnectionManager(connManager).build();  
        //CloseableHttpClient client = HttpClients.createDefault();  

        try{
            //创建get方式请求对象  
            HttpGet get = new HttpGet("https://www.baidu.com/");

            //指定报文头Content-type、User-Agent  
            get.setHeader("Content-type", "application/x-www-form-urlencoded");  
            get.setHeader("User-Agent", "Mozilla/5.0 (Windows NT 6.1; rv:6.0.2) Gecko/20100101 Firefox/6.0.2");

            //执行请求操作,并拿到结果(同步阻塞)  
            CloseableHttpResponse response = client.execute(get);  

            //获取结果实体  
            HttpEntity entity = response.getEntity(); 
            if (entity != null) {  
                //按指定编码转换结果实体为String类型  
                body = EntityUtils.toString(entity, "UTF-8");  
            }  

            EntityUtils.consume(entity);  
            //释放链接  
            response.close(); 
            System.out.println("body:" + body);
        } finally{
            client.close();
       }
    }

运行代码,获取网页内容成功!

同理,再尝试下post请求:

public final static void main(String[] args) throws Exception {

        String body = "";

        //采用绕过验证的方式处理https请求  
        SSLContext sslcontext = createIgnoreVerifySSL();  
        //设置协议http和https对应的处理socket链接工厂的对象  
        Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create()  
            .register("http", PlainConnectionSocketFactory.INSTANCE)  
            .register("https", new SSLConnectionSocketFactory(sslcontext))  
            .build();  
        PoolingHttpClientConnectionManager connManager = new PoolingHttpClientConnectionManager(socketFactoryRegistry);  
        HttpClients.custom().setConnectionManager(connManager); 

        //创建自定义的httpclient对象  
        CloseableHttpClient client = HttpClients.custom().setConnectionManager(connManager).build();  
        //CloseableHttpClient client = HttpClients.createDefault();

        try{
            //创建post方式请求对象  
            HttpPost httpPost = new HttpPost("https://api.douban.com/v2/book/1220562"); 


            //指定报文头Content-type、User-Agent
            httpPost.setHeader("Content-type", "application/x-www-form-urlencoded");  

            httpPost.setHeader("User-Agent", "Mozilla/5.0 (Windows NT 6.1; rv:6.0.2) Gecko/20100101 Firefox/6.0.2");


            //执行请求操作,并拿到结果(同步阻塞)  
            CloseableHttpResponse response = client.execute(httpPost);  

            //获取结果实体  
            HttpEntity entity = response.getEntity(); 
            if (entity != null) {  
                //按指定编码转换结果实体为String类型  
                body = EntityUtils.toString(entity, "UTF-8");  
            }  

            EntityUtils.consume(entity);  
            //释放链接  
            response.close(); 
            System.out.println("body:" + body);
        }finally{
            client.close();
        }
    }

https地址以豆瓣的一个api为例,获得ID为1220562的书的信息。 
运行代码:

技术分享图片

获取返回信息成功。

本博客例子下载地址: 
http://download.csdn.net/download/irokay/10158259 
例子中包含以上工程代码,以及所需HttpClient组件jar库。

参考: 
https://www.cnblogs.com/ITtangtang/p/3968093.html 
http://blog.csdn.net/xiaoxian8023/article/details/49865335 
https://www.cnblogs.com/ITtangtang/p/3968093.html

HttpClient配置SSL绕过https证书

标签:The   cat   stat   text   als   需要   seh   toc   soft   

原文地址:https://www.cnblogs.com/yaowen/p/9238651.html

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!