https如何绕过验证的证书

package com.ctrip.microfinance.giftcard.financedatajob.agent;

import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;

import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

import org.apache.http.HttpResponse;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.config.Registry;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.conn.socket.ConnectionSocketFactory;
import org.apache.http.conn.socket.PlainConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import org.apache.http.message.BasicHeader;
import org.apache.http.protocol.HTTP;
import org.apache.http.util.EntityUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

import com.alibaba.fastjson.JSONObject;
import com.ctrip.microfinance.giftcard.financedatajob.manager.ConfigManager;

/**

  • 信用卡加解密服务

  • http://conf.ctripcorp.com/pages/viewpage.action?pageId=113939104
    */
    @Component
    public class KeyWSAgent {

    private static final Logger logger = LoggerFactory.getLogger(KeyWSAgent.class);
    private static final String API_NAME_ENCRYPT = “encrypt”;
    private static final String API_NAME_DECRYPT = “decrypt”;

    @Autowired
    private ConfigManager configManager;

    /**

    • 加密
      */
      public String encrypt(String paramStr) {
      return request(API_NAME_ENCRYPT, paramStr);
      }

    /**

    • 解密
      */
      public String decrypt(String paramStr) {
      return request(API_NAME_DECRYPT, paramStr);
      }

    /**

    • 调用加解密的接口,并对结果进行处理
      */
      private String request(String type, String paramStr) {

      // 1.构建请求
      JSONObject requestJson = new JSONObject();
      requestJson.put(“param”, paramStr);

      // 2.发送信息
      // try{
      // // 设置协议http和https对应的处理socket链接工厂的对象
      // Registry socketFactoryRegistry = RegistryBuilder.create()
      // .register(“http”, PlainConnectionSocketFactory.INSTANCE)
      // .register(“https”, new SSLConnectionSocketFactory(createIgnoreVerifySSL()))
      // .build();
      // PoolingHttpClientConnectionManager connManager = new PoolingHttpClientConnectionManager(socketFactoryRegistry);
      // HttpClients.custom().setConnectionManager(connManager);
      //
      // //创建自定义的httpclient对象
      // CloseableHttpClient client = HttpClients.custom().setConnectionManager(connManager).build();

      try (CloseableHttpClient client = HttpClients.createDefault()) {
      HttpPost httpPost = new HttpPost(configManager.getCustomConfig().getProperty(“keyws.url”) + type);
      httpPost.addHeader(HTTP.CONTENT_TYPE, “application/json”);

       String requestJsonString = requestJson.toJSONString();
       StringEntity se = new StringEntity(requestJsonString);
       se.setContentType("text/json");
       se.setContentEncoding(new BasicHeader(HTTP.CONTENT_TYPE, "application/json"));
       httpPost.setEntity(se);
      
       HttpResponse response = client.execute(httpPost);
      
       // 3.非200状态,都视为失败
       String responseContent = EntityUtils.toString(response.getEntity());
       if (response.getStatusLine().getStatusCode() != 200) {
           logger.info("返回httpcode非200:{}", responseContent);
           return "";
       }
       
       // 4.code非0,都视为失败
       JSONObject object = JSONObject.parseObject(responseContent);
       int code = object.getInteger("code");
       if(code != 0) {
       	logger.info("返回code非0:{}", responseContent);
           return "";
       }
       
       return object.getString("result");
      

      } catch (Exception ex) {
      logger.warn(“调用KeyWS服务异常”, ex);
      return “”;
      }
      }

    /

    • 绕过验证

    • @return

    • @throws NoSuchAlgorithmException

    • @throws KeyManagementException
      */
      public SSLContext createIgnoreVerifySSL() throws NoSuchAlgorithmException, KeyManagementException {
      SSLContext sc = SSLContext.getInstance(“SSLv3”);

      // 实现一个X509TrustManager接口,用于绕过验证
      X509TrustManager trustManager = new X509TrustManager() {
      @Override
      public void checkClientTrusted(
      java.security.cert.X509Certificate[] paramArrayOfX509Certificate,
      String paramString) throws CertificateException {
      }

       @Override
       public void checkServerTrusted(
       		java.security.cert.X509Certificate[] paramArrayOfX509Certificate,
       		String paramString) throws CertificateException {
       }
      
       @Override
       public java.security.cert.X509Certificate[] getAcceptedIssuers() {
       	return null;
       }
      

      };

      sc.init(null, new TrustManager[] { trustManager }, null);
      return sc;
      }**

}

你可能感兴趣的:(https如何绕过验证的证书)