java HttpsURLConnection怎么绕过证书,原理是什么

2025-04-07 05:03:17
推荐回答(2个)
回答1:

import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.X509TrustManager;

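/**
 * Installs an accept-all TLS configuration as the process-wide default for
 * {@link HttpsURLConnection}.
 *
 * <p>Security impact: the trust manager used here accepts every certificate chain and the
 * hostname verifier accepts every host name, so connections made through the defaults are
 * encrypted but the server is not authenticated. Any party on the network path can present
 * its own certificate and read or modify the traffic. Because the static
 * {@code setDefault...} methods are used, this applies to every {@link HttpsURLConnection}
 * created afterwards in the same JVM, not only to the caller's connection.
 *
 * <p>If the goal is to reach a server with a self-signed certificate, a narrower approach is
 * to load that certificate into a dedicated {@code KeyStore}, build the {@link SSLContext}
 * from a {@code TrustManagerFactory}, and apply it to a single connection with
 * {@code HttpsURLConnection#setSSLSocketFactory}.
 */
public class MyHttpsConnection {
    // Trust manager whose check methods are empty, i.e. no certificate chain is ever rejected.
    private final myX509TrustManager xtm = new myX509TrustManager();
    // Hostname verifier that returns true for every host name.
    private final myHostnameVerifier hnv = new myHostnameVerifier();

    /**
     * Builds a "TLS" {@link SSLContext} backed by the accept-all trust manager and registers
     * its socket factory and the accept-all hostname verifier as JVM-wide defaults.
     *
     * <p>If the context cannot be created or initialised, the failure is printed and the
     * defaults are left untouched. Both defaults are changed together or not at all, so a
     * failure never leaves hostname verification disabled on top of the stock socket factory.
     */
    public MyHttpsConnection() {
        final SSLContext sslContext;
        try {
            sslContext = SSLContext.getInstance("TLS");
            // No key managers (null): the client presents no certificate of its own.
            sslContext.init(null, new X509TrustManager[] { xtm }, new java.security.SecureRandom());
        } catch (java.security.GeneralSecurityException gse) {
            // getInstance/init report failures as NoSuchAlgorithmException / KeyManagementException.
            gse.printStackTrace();
            return;
        }
        HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory());
        HttpsURLConnection.setDefaultHostnameVerifier(hnv);
    }
}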

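/**
 * {@link X509TrustManager} that performs no validation at all.
 *
 * <p>Both check methods return normally for any input, which the TLS stack interprets as
 * "trusted". Expired, self-signed, revoked or attacker-issued chains are all accepted, so a
 * context built on this manager provides no server (or client) authentication.
 */
class myX509TrustManager implements X509TrustManager {
    // The X509TrustManager contract requires a non-null (possibly empty) array.
    private static final X509Certificate[] NO_ISSUERS = new X509Certificate[0];

    public myX509TrustManager() {
    }

    /** Accepts any client certificate chain; never throws. */
    @Override
    public void checkClientTrusted(X509Certificate[] chain, String authType) {
        // Intentionally empty: returning without an exception means "trusted".
    }

    /** Accepts any server certificate chain; never throws. */
    @Override
    public void checkServerTrusted(X509Certificate[] chain, String authType) {
        // Intentionally empty: returning without an exception means "trusted".
    }

    /**
     * Returns the issuers this manager advertises as acceptable.
     *
     * @return an empty array; the original returned {@code null}, which violates the
     *     interface contract and can cause a {@code NullPointerException} in callers that
     *     iterate over the result
     */
    @Override
    public X509Certificate[] getAcceptedIssuers() {
        return NO_ISSUERS;
    }
}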

/**
 * {@link HostnameVerifier} that approves every host name.
 *
 * <p>The verifier is the hook that decides whether a connection may proceed when the requested
 * host does not match the server certificate. Because this implementation always answers
 * {@code true}, a certificate issued for any other name is accepted for the requested host.
 */
class myHostnameVerifier implements HostnameVerifier {

    public myHostnameVerifier() {
        // No state to initialise.
    }

    /**
     * Approves the connection unconditionally.
     *
     * @param hostname the host name the client asked for (ignored)
     * @param session the TLS session of the connection (ignored)
     * @return always {@code true}
     */
    @Override
    public boolean verify(final String hostname, final SSLSession session) {
        final boolean accepted = true;
        return accepted;
    }
}


调用时类似

// The instance is discarded; the call matters only for its side effect. The constructor
// replaces HttpsURLConnection's JVM-wide default SSLSocketFactory and HostnameVerifier,
// so every HTTPS connection opened afterwards in this process skips certificate and
// host-name checks, not just the one below.
new MyHttpsConnection();

// `url` is supplied by the surrounding code (not shown). For an https:// URL the returned
// connection is expected to pick up the defaults installed above.
URLConnection urlCon = (new URL(url)).openConnection();

// Connect timeout in milliseconds; no read timeout is set in this snippet.
urlCon.setConnectTimeout(5000);

回答2:

https的证书发放是基于x509的
证书可以是自己生成的(叫做自签名证书),可以是CA中心发放的
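X509TrustManager产生的就是一个自签名证书。
因为你配置的tomcat和google https接受自签名证书,所以才能访问。
补充说明:X509TrustManager 本身并不生成证书,它是客户端用来判断对方证书链是否可信的接口。回答1中的实现把 checkServerTrusted 留空、verify 固定返回 true,相当于客户端对任何证书(自签名、过期、域名不匹配)都不做校验,所以才能连上;代价是连接失去了对服务器身份的认证,无法防御中间人攻击,而且 setDefault… 修改的是整个 JVM 的默认值。如果只是需要信任某个自签名证书,更稳妥的做法是把该证书导入单独的 KeyStore,用 TrustManagerFactory 初始化 SSLContext,并只对这一条连接调用 setSSLSocketFactory。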