使用安全套接字层,可以在客户端和服务器之间建立安全连接。它有助于保护敏感信息,如信用卡号,用户名,密码,别针等。
可以使用HttpClient库创建自己的SSL上下文,从而使连接更安全。按照下面给出的步骤使用HttpClient库自定义SSLContext -
第1步 - 创建SSLContextBuilder对象
//Creating SSLContextBuilder object SSLContextBuilder SSLBuilder = SSLContexts.custom();
Java
第2步 - 加载密钥库
在路径
//Loading the Keystore file
File file = new File("mykeystore.jks");
SSLBuilder = SSLBuilder.loadTrustMaterial(file, "changeit".toCharArray());
Java
第3步 - 构建SSLContext对象
//Building the SSLContext SSLContext sslContext = SSLBuilder.build();
Java
第4步 - 创建SSLConnectionSocketFactory对象
可以通过多种方式创建它。根据创建
要仅允许特定协议,请通过传递
new SSLConnectionSocketFactory(sslcontext, new String[]{"TLSv1"}, null,
SSLConnectionSocketFactory.getDefaultHostnameVerifier());
Java
要允许所有主机,请通过传递
//Creating SSLConnectionSocketFactory SSLConnectionSocketFactory object SSLConnectionSocketFactory sslConSocFactory = new SSLConnectionSocketFactory(sslcontext, new NoopHostnameVerifier());
Java
第5步 - 创建一个HttpClientBuilder对象
使用
//Creating HttpClientBuilder HttpClientBuilder clientbuilder = HttpClients.custom();
Java
第6步 - 设置SSLConnectionSocketFactory对象
使用
//Setting the SSLConnectionSocketFactory clientbuilder = clientbuilder.setSSLSocketFactory(sslConSocFactory);
Java
第7步 - 构建CloseableHttpClient对象
通过调用
//Building the CloseableHttpClient CloseableHttpClient httpclient = clientbuilder.build();
Java
第8步 - 创建一个HttpGet对象
通过传递表示URI的字符串来实例化
//Creating the HttpGet request
HttpGet httpget = new HttpGet("https://yiibai.com/");
Java
第9步 - 执行请求
使用
//Executing the request HttpResponse httpresponse = httpclient.execute(httpget);
Java
示例
以下示例演示了
import java.io.File;
import javax.net.ssl.SSLContext;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.ssl.SSLContextBuilder;
import org.apache.http.ssl.SSLContexts;
import org.apache.http.util.EntityUtils;
public class ClientCustomSSL {
public final static void main(String[] args) throws Exception {
//Creating SSLContextBuilder object
SSLContextBuilder SSLBuilder = SSLContexts.custom();
//Loading the Keystore file
File file = new File("mykeystore.jks");
SSLBuilder = SSLBuilder.loadTrustMaterial(file,
"changeit".toCharArray());
//Building the SSLContext usiong the build() method
SSLContext sslcontext = SSLBuilder.build();
//Creating SSLConnectionSocketFactory object
SSLConnectionSocketFactory sslConSocFactory = new SSLConnectionSocketFactory(sslcontext, new NoopHostnameVerifier());
//Creating HttpClientBuilder
HttpClientBuilder clientbuilder = HttpClients.custom();
//Setting the SSLConnectionSocketFactory
clientbuilder = clientbuilder.setSSLSocketFactory(sslConSocFactory);
//Building the CloseableHttpClient
CloseableHttpClient httpclient = clientbuilder.build();
//Creating the HttpGet request
HttpGet httpget = new HttpGet("https://yiibai.com/");
//Executing the request
HttpResponse httpresponse = httpclient.execute(httpget);
//printing the status line
System.out.println(httpresponse.getStatusLine());
//Retrieving the HttpEntity and displaying the no.of bytes read
HttpEntity entity = httpresponse.getEntity();
if (entity != null) {
System.out.println(EntityUtils.toByteArray(entity).length);
}
}
}
Java
执行上面示例代码,得到以下结果:
HTTP/1.1 200 OK 1270