傳送基於TLS1.2的HTTPS請求

阿新 • • 發佈：2019-02-05

本文主要介紹瞭如何傳送基於TLS1.2安全協議的HTTPS請求

由於目前對網路安全越來越重視，我們會在HTTP的基礎上加上一些安全協議

目前最為廣泛所使用的安全協議是TLS1.2

很多服務端容器都已經支援通過配置來設定HTTPS的埠從而支援HTTPS協議

在傳送HTTPS的請求之前我們需要獲取服務端提供的簽名證書

之後將簽名證書通過keytool命令匯入到本地的keystore中，方便java應用對其進行訪問

想要傳送HTTPS（TLS1.2）請求需要2個類的支援：

第一個類：

package com.HTTPtransfer.test;

import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Date;

import javax.crypto.Cipher;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;

/**
 * Certificate Model
 * 
 * @author 
 * @version 1.0
 * @since 1.0
 */
public class CertificateManager extends Coder {

    /**
     * Java key store (Java Key Store,JKS)KEY_STORE
     */
    public static final String KEY_STORE = "JKS";

    public static final String X509 = "X.509";
    public static final String SunX509 = "SunX509";
    public static final String SSL = "SSL";

    /**
     * accord KeyStore get private key
     * 
     * @param keyStorePath
     * @param alias
     * @param password
     * @return
     * @throws Exception
     */
    private static PrivateKey getPrivateKey(String keyStorePath, String alias, String password) throws Exception {
        KeyStore ks = getKeyStore(keyStorePath, password);
        PrivateKey key = (PrivateKey) ks.getKey(alias, password.toCharArray());
        return key;
    }

    /**
     * accord Certificate get public key
     * 
     * @param certificatePath
     * @return
     * @throws Exception
     */
    private static PublicKey getPublicKey(String certificatePath) throws Exception {
        Certificate certificate = getCertificate(certificatePath);
        PublicKey key = certificate.getPublicKey();
        return key;
    }

    /**
     * get Certificate
     * 
     * @param certificatePath
     * @return
     * @throws Exception
     */
    private static Certificate getCertificate(String certificatePath) throws Exception {
        CertificateFactory certificateFactory = CertificateFactory.getInstance(X509);
        FileInputStream in = new FileInputStream(certificatePath);

        Certificate certificate = certificateFactory.generateCertificate(in);
        in.close();

        return certificate;
    }

    /**
     * get Certificate
     * 
     * @param keyStorePath
     * @param alias
     * @param password
     * @return
     * @throws Exception
     */
    private static Certificate getCertificate(String keyStorePath, String alias, String password) throws Exception {
        KeyStore ks = getKeyStore(keyStorePath, password);
        Certificate certificate = ks.getCertificate(alias);

        return certificate;
    }

    /**
     * get KeyStore
     * 
     * @param keyStorePath
     * @param password
     * @return
     * @throws Exception
     */
    private static KeyStore getKeyStore(String keyStorePath, String password) throws Exception {
        FileInputStream is = new FileInputStream(keyStorePath);
        KeyStore ks = KeyStore.getInstance(KEY_STORE);
        ks.load(is, password.toCharArray());
        is.close();
        return ks;
    }

    /**
     * private key encrypt
     * 
     * @param data
     * @param keyStorePath
     * @param alias
     * @param password
     * @return
     * @throws Exception
     */
    public static byte[] encryptByPrivateKey(byte[] data, String keyStorePath, String alias, String password)
            throws Exception {
        PrivateKey privateKey = getPrivateKey(keyStorePath, alias, password);
        Cipher cipher = Cipher.getInstance(privateKey.getAlgorithm());
        cipher.init(Cipher.ENCRYPT_MODE, privateKey);

        return cipher.doFinal(data);

    }

    /**
     * private key decrypt
     * 
     * @param data
     * @param keyStorePath
     * @param alias
     * @param password
     * @return
     * @throws Exception
     */
    public static byte[] decryptByPrivateKey(byte[] data, String keyStorePath, String alias, String password)
            throws Exception {
        PrivateKey privateKey = getPrivateKey(keyStorePath, alias, password);
        Cipher cipher = Cipher.getInstance(privateKey.getAlgorithm());
        cipher.init(Cipher.DECRYPT_MODE, privateKey);

        return cipher.doFinal(data);

    }

    /**
     * public key encrypt
     * 
     * @param data
     * @param certificatePath
     * @return
     * @throws Exception
     */
    public static byte[] encryptByPublicKey(byte[] data, String certificatePath) throws Exception {
        PublicKey publicKey = getPublicKey(certificatePath);
        Cipher cipher = Cipher.getInstance(publicKey.getAlgorithm());
        cipher.init(Cipher.ENCRYPT_MODE, publicKey);

        return cipher.doFinal(data);

    }

    /**
     * public key decrypt
     * 
     * @param data
     * @param certificatePath
     * @return
     * @throws Exception
     */
    public static byte[] decryptByPublicKey(byte[] data, String certificatePath) throws Exception {
        PublicKey publicKey = getPublicKey(certificatePath);
        Cipher cipher = Cipher.getInstance(publicKey.getAlgorithm());
        cipher.init(Cipher.DECRYPT_MODE, publicKey);

        return cipher.doFinal(data);

    }

    /**
     * verify Certificate
     * 
     * @param certificatePath
     * @return
     */
    public static boolean verifyCertificate(String certificatePath) {
        return verifyCertificate(new Date(), certificatePath);
    }

    /**
     * verify Certificate is expired or invaild
     * 
     * @param date
     * @param certificatePath
     * @return
     */
    public static boolean verifyCertificate(Date date, String certificatePath) {
        boolean status = true;
        try {
            Certificate certificate = getCertificate(certificatePath);
            status = verifyCertificate(date, certificate);
        } catch (Exception e) {
            status = false;

        }
        return status;
    }

    /**
     * verify Certificate is expired or invaild
     * 
     * @param date
     * @param certificate
     * @return
     */
    private static boolean verifyCertificate(Date date, Certificate certificate) {
        boolean status = true;
        try {
            X509Certificate x509Certificate = (X509Certificate) certificate;
            x509Certificate.checkValidity(date);
        } catch (Exception e) {
            status = false;
        }
        return status;
    }

    /**
     * sign
     * 
     * @param keyStorePath
     * @param alias
     * @param password
     * 
     * @return
     * @throws Exception
     */
    public static String sign(byte[] sign, String keyStorePath, String alias, String password) throws Exception {
        X509Certificate x509Certificate = (X509Certificate) getCertificate(keyStorePath, alias, password);
        KeyStore ks = getKeyStore(keyStorePath, password);
        PrivateKey privateKey = (PrivateKey) ks.getKey(alias, password.toCharArray());
        Signature signature = Signature.getInstance(x509Certificate.getSigAlgName());
        signature.initSign(privateKey);
        signature.update(sign);
        return encryptBASE64(signature.sign());
    }

    /**
     * vilidate sign
     * 
     * @param data
     * @param sign
     * @param certificatePath
     * @return
     * @throws Exception
     */
    public static boolean verify(byte[] data, String sign, String certificatePath) throws Exception {
        X509Certificate x509Certificate = (X509Certificate) getCertificate(certificatePath);
        PublicKey publicKey = x509Certificate.getPublicKey();
        Signature signature = Signature.getInstance(x509Certificate.getSigAlgName());
        signature.initVerify(publicKey);
        signature.update(data);

        return signature.verify(decryptBASE64(sign));

    }

    /**
     * validate Certificate
     * 
     * @param keyStorePath
     * @param alias
     * @param password
     * @return
     */
    public static boolean verifyCertificate(Date date, String keyStorePath, String alias, String password) {
        boolean status = true;
        try {
            Certificate certificate = getCertificate(keyStorePath, alias, password);
            status = verifyCertificate(date, certificate);
        } catch (Exception e) {
            status = false;
        }
        return status;
    }

    /**
     * vilidate Certificate
     * 
     * @param keyStorePath
     * @param alias
     * @param password
     * @return
     */
    public static boolean verifyCertificate(String keyStorePath, String alias, String password) {
        return verifyCertificate(new Date(), keyStorePath, alias, password);
    }

    /**
     * get SSLSocektFactory
     * 
     * @param password
     * @param keyStorePath
     * @param trustKeyStorePath
     * @return
     * @throws Exception
     */
    private static SSLSocketFactory getSSLSocketFactory(String password, String keyStorePath, String trustKeyStorePath)
            throws Exception {
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(SunX509);
        KeyStore keyStore = getKeyStore(keyStorePath, password);
        keyManagerFactory.init(keyStore, password.toCharArray());
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(SunX509);
        KeyStore trustkeyStore = getKeyStore(trustKeyStorePath, password);
        trustManagerFactory.init(trustkeyStore);
        SSLContext ctx = SSLContext.getInstance(SSL);
        ctx.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
        SSLSocketFactory sf = ctx.getSocketFactory();

        return sf;
    }

    /**
     * config SSLSocketFactory for HttpsURLConnectioncon
     * 
     * @param conn
     * HttpsURLConnection
     * @param password
     * @param keyStorePath
     * 
     * @param trustKeyStorePath
     * @throws Exception
     */
    public static void configSSLSocketFactory(HttpsURLConnection conn, String password, String keyStorePath,
            String trustKeyStorePath) throws Exception {
        conn.setSSLSocketFactory(getSSLSocketFactory(password, keyStorePath, trustKeyStorePath));
    }
}

第二個類：

package com.HTTPtransfer.test;

import java.security.MessageDigest;

import javax.crypto.KeyGenerator;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;

import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;

/**
 * Base Encrypt Model
 * 
 * @author 
 * @version 1.0
 * @since 1.0
 */
public abstract class Coder {
    public static final String KEY_SHA = "SHA";
    public static final String KEY_MD5 = "MD5";

    /**
     * Optional in many of the following algorithm MAC algorithm
     * 
     * <pre>
     * HmacMD5 
     * HmacSHA1 
     * HmacSHA256 
     * HmacSHA384 
     * HmacSHA512
     * </pre>
     */
    public static final String KEY_MAC = "HmacMD5";

    /**
     * BASE64 Decrypt
     * 
     * @param key
     * @return
     * @throws Exception
     */
    public static byte[] decryptBASE64(String key) throws Exception {
        return (new BASE64Decoder()).decodeBuffer(key);
    }

    /**
     * BASE64 Encrypt
     * 
     * @param key
     * @return
     * @throws Exception
     */
    public static String encryptBASE64(byte[] key) throws Exception {
        return (new BASE64Encoder()).encodeBuffer(key);
    }

    /**
     * MD5 Encrypt
     * 
     * @param data
     * @return
     * @throws Exception
     */
    public static byte[] encryptMD5(byte[] data) throws Exception {

        MessageDigest md5 = MessageDigest.getInstance(KEY_MD5);
        md5.update(data);

        return md5.digest();

    }

    /**
     * SHA Encrypt
     * 
     * @param data
     * @return
     * @throws Exception
     */
    public static byte[] encryptSHA(byte[] data) throws Exception {

        MessageDigest sha = MessageDigest.getInstance(KEY_SHA);
        sha.update(data);

        return sha.digest();

    }

    /**
     * InIt HMAC secret key
     * 
     * @return
     * @throws Exception
     */
    public static String initMacKey() throws Exception {
        KeyGenerator keyGenerator = KeyGenerator.getInstance(KEY_MAC);

        SecretKey secretKey = keyGenerator.generateKey();
        return encryptBASE64(secretKey.getEncoded());
    }

    /**
     * HMAC Encrypt
     * 
     * @param data
     * @param key
     * @return
     * @throws Exception
     */
    public static byte[] encryptHMAC(byte[] data, String key) throws Exception {

        SecretKey secretKey = new SecretKeySpec(decryptBASE64(key), KEY_MAC);
        Mac mac = Mac.getInstance(secretKey.getAlgorithm());
        mac.init(secretKey);

        return mac.doFinal(data);

    }
}

接下來才是傳送HTTPS請求的方法：

package com.HTTPtransfer.test;

import java.io.BufferedReader;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.net.HttpURLConnection;
import java.net.URL;

import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLSession;

import com.HTTPtransfer.test.Client_HTTP.ResponseBean;

public class TLS_Https {

    public static void httpsRequest(String urlpath, String body) {
        ResponseBean resBean = new ResponseBean();
        int responseCode = -1;
        String responseMessage = "Exception.";
        HttpsURLConnection conn = null;
        try {
            java.lang.System.setProperty("https.protocols", "TLS1.2") 
;
            URL u = new URL(urlpath);
            conn = (HttpsURLConnection) u.openConnection();

            conn.setHostnameVerifier(new HostnameVerifier() {
                public boolean verify(String hostname, SSLSession session) {
                    return true;
                }
            });
            conn.setDoOutput(true);
            conn.setDoInput(true);
            conn.setConnectTimeout(20000);
            conn.setReadTimeout(15000);
            conn.setRequestMethod("POST");
            conn.setUseCaches(false);
            conn.setRequestProperty("Content-Type", "text/html;charset=UTF-8");
            CertificateManager.configSSLSocketFactory(conn, Configuration.CLIENTPASSWORD,
                    Configuration.CLIENTKEYSTOREPATH, Configuration.CLIENTTRUSTOREPATH);
            conn.connect();

            OutputStream out = conn.getOutputStream();
            out.write(body.getBytes());
            out.flush();
            out.close();

            // Sleep 50 mill seconds wait for response.
            Thread.sleep(50);
            responseCode = conn.getResponseCode();
            if (responseCode == HttpURLConnection.HTTP_OK) {
                InputStream in = conn.getInputStream();
                BufferedReader br = new BufferedReader(new InputStreamReader(in, ConfigurationFiles.CLIENT_CHARSET));
                String line = null;
                StringBuilder sb = new StringBuilder();

                while ((line = br.readLine()) != null) {
                    sb.append(line);
                }
                in.close();
                conn.disconnect();
                String responseMsg = sb.toString();
                resBean.httpstatus = responseCode;
                if (null == resBean.result_code) {
                    resBean.result_code = "999";
                }

                if (responseMessage == null) {
                    responseMessage = conn.getResponseMessage();
                }
            } else {
                resBean.httpstatus = responseCode;
                resBean.result_code = "999";
            }
        } catch (Exception e) {
            e.printStackTrace();

        }
        resBean.httpstatus = responseCode;
        resBean.result_code = "999";

    }

}

在上面類中有3個物件是需要我們指定的，主要是keystore的絕對目錄

Configuration.CLIENTPASSWORD
Configuration.CLIENTKEYSTOREPATH
Configuration.CLIENTTRUSTOREPATH

java.lang.System.setProperty("https.protocols", "TLS1.2")

能夠將HTTPS的安全協議指定為TLS1.2

傳送基於TLS1.2的HTTPS請求

本文主要介紹瞭如何傳送基於TLS1.2安全協議的HTTPS請求由於目前對網路安全越來越重視，我們會在HTTP的基礎上加上一些安全協議目前最為廣泛所使用的安全協議是TLS1.2 很多服務端容器都已經支援通過配置來設定HTTPS的埠從而支援HTTPS協議在傳送HTTPS的

基於OkHttp網路通訊工具類(傳送get、post請求、檔案上傳和下載)

一、為什麼要用OkHttp? okhttp是專注於提升網路連線效率的http客戶端。優點： 1、它能實現同一ip和埠的請求重用一個socket，這種方式能大大降低網路連線的時間，和每次請求都建立socket，再斷開socket的方式相比，降低了伺服器伺服器的壓力。 2、okhttp 對

向指定 URL 傳送POST方法的請求(狀態碼200和其他有區別)

public static String sendPost(String url, String param) { OutputStreamWriter out = null; BufferedReader in = null; String result = ""; t

C#後臺向某個網站傳送Get或者Post請求

C#通過後臺進行想某個網站傳送Get或者POST請求。這個沒有多少內容，就直接上程式碼了，下面的是GET請求： public string GetFunction(string order,string payType,string filePrice) {

SpringCloud 之 Fegin —— 傳送GET、POST請求以及檔案上傳

深信自己通過學習理解寫出來的才是自己的 --

Java 傳送HTTP或HTTPS請求獲取網頁碼源（1）

閒來無事，封裝了一個簡單的工具類，用於向某個URL傳送請求並獲取響應的文字內容。傳送HTTP請求的方式比較簡單，但用來發送HTTPS請求卻不行的。於是查了一些資料，根據前人經驗寫了這個工具類，能夠區分URL是HTTP型別還是HTTPS型別的，但對HTTPS方式的原理的研究尚淺，也只是拿

https 傳送get或post請求時忽略證書認證方式

原創地址：http://www.cnblogs.com/shipengzhi/archive/2012/08/22/2650953.html 在開發java時呼叫別人介面（這個介面還是https開頭的）過程中，需要認證你的證書，然而測試伺服器常常沒有一個（有效的）SSL證書。在你的客戶端連線測試伺

HttpSenderUtil向指定 URL 傳送POST方法的請求

package com.founder.ec.common.utils; import java.io.BufferedReader; import java.io.IOException; import java.io.InputStreamReader; import java.io.P

java模擬傳送form-data的請求

package com.silot.test; import org.apache.http.HttpResponse; import org.apache.http.client.methods.HttpPost; import org.apache.http.entity.mime.Htt

kafka叢集Broker端基於Reactor模式請求處理流程深入剖析-kafka商業環境實戰

本套技術專欄是作者（秦凱新）平時工作的總結和昇華，通過從真實商業環境抽取案例進行總結和分享，並給出商業應用的調優建議和叢集環境容量規劃等內容，請持續關注本套部落格。期待加入IOT時代最具戰鬥力的團隊。QQ郵箱地址：[email protected]，如有任何學術交流，可隨時聯絡。

requests傳送multipart/form-data請求(檔案)

在寫爬蟲有時候會發現這種請求資料，其實就是一個上傳圖片的請求。 def send_file(user,user_key,tousername,file,cookice): ''' 傳送檔案表情之類 :param user: 傳送訊息的使用者 [{'FromUserName

使用httpclient傳送get或post請求

原文地址 HttpClient 是 Apache Jakarta Common 下的子專案，可以用來提供高效的、最新的、功能豐富的支援 HTTP 協議的客戶端程式設計工具包，並且它支援 HTTP 協議最新的版本和建議。當前官網最新版介紹頁是：http://hc.apache.org/http

Jsoup系列學習(1)-傳送get或post請求

原文地址簡介 jsoup 是一款Java 的HTML解析器，可直接解析某個URL地址、HTML文字內容。它提供了一套非常省力的API，可通過DOM，CSS以及類似於jQuery的操作方法來取出和操作資料。官網：http://www.open-open.com/jsoup/

向指定地址傳送get、post請求

URL的openConnection()方法將返回一個URLConnection物件，該物件表示應用程式和 URL 之間的通訊連結。程式可以通過URLConnection例項向該URL傳送請求、讀取URL引用的資源。通常建立一個和 URL 的連線，併發送請求、讀取此 URL 引用的資源需要如下幾個

java向指定URL傳送GET或POST請求

import org.slf4j.Logger; import org.slf4j.LoggerFactory; import java.io.BufferedReader; import java.io.IOException; import java.io.Input

urllib庫傳送get和post請求

urllib是Python中內建的傳送網路請求的一個庫(包)，在Python2中由urllib和urllib2兩個庫來實現請求的傳送，但是在Python中已經不存在urllib2這個庫了，已經將urllib和urllib2合併為urllib。urllib是一個庫(包)，request是urllib庫裡面用於傳

ajax——傳送不同格式的請求資料

1.上傳formData格式資料 var params = new FormData(); params.append("id", "1"); params.append("name", "cd"); $.ajax({ url: "xxx", type: "POST

使用postman傳送第一個api請求，可以使用這個api進行測試！!

使用postman傳送第一個api請求？ https://www.v2ex.com/p/7v9TEc53 v2ex是個論壇，技術人員經常會去看的一個論壇是一個彙集各類奇妙好玩的話題和流行動向的網站。V2EX 提供了特別有用的小工具 [ ZEN ]，幫助你掌握自己的時

PostMan測試介面，傳送Get，Post請求

我現在的專案開發是前後臺分離的，所以在寫介面的時候，是需要自己測試一下的，測試工具就是PostMan，第一次接觸，也是百度，檢視部落格。所以自己乾脆寫個全一點的，也讓其他人有個參考，寫的不對多多指正哈；下面Postman工具介紹一點，簡單的大家

java HttpClient傳送get和post請求

最近需要用到在A專案裡面發起請求去請求B專案的介面，所以用到了HttpClient，將工具類記錄下，可設定get、post方式，也可以設定session和cookie等header 一、工具類HttpClientUtil package Utils; imp

傳送基於TLS1.2的HTTPS請求

相關推薦