JavaDemo——使用jks的https

java使用https主要就是设置下sslContext,sslContext初始化需要密钥管理器和信任管理器,密钥管理器用于管理本地证书和私钥,信任管理器用于验证远程服务器的证书,这两种管理器都需要KeyStore初始化,两种管理器可以按需只设置一种或者都设置,KeyStore就用到jks文件和密钥库密码;

另外密钥管理器还需要一个密钥密码;

demo:

http服务端:

/**
 * 2023年7月19日上午10:43:42
 */
package testHttpSSL;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.net.InetSocketAddress;
import java.security.KeyStore;
import java.util.concurrent.Executors;

import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

import com.sun.net.httpserver.HttpExchange;
import com.sun.net.httpserver.HttpHandler;
import com.sun.net.httpserver.HttpsConfigurator;
import com.sun.net.httpserver.HttpsServer;

/**
 * @author XWF
 *
 */
public class TestHttpServerWithSSL {

	/**
	 * @param args
	 */
	public static void main(String[] args) {
		String storepass = "mystorepass";	//密钥库密码
		String keypass = storepass;	//密钥密码
		try {
			KeyStore keystore = KeyStore.getInstance("jks");
			keystore.load(new FileInputStream("./testhttp.jks"), storepass.toCharArray());
			SSLContext sslContext = SSLContext.getInstance("TLS");
			KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");	//管理本地证书和私钥
			kmf.init(keystore, keypass.toCharArray() );
			TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");	//验证远程服务器证书
			tmf.init(keystore);
			sslContext.init(kmf.getKeyManagers(), null, null);
			System.out.println(keystore);
			
			HttpsServer server = HttpsServer.create(new InetSocketAddress(4444), 0);
			server.setHttpsConfigurator(new HttpsConfigurator(sslContext));	//设置ssl
			server.createContext("/", new HttpHandler(){

				@Override
				public void handle(HttpExchange exchange) throws IOException {
					String exchangeUrl = exchange.getRequestURI().toString().substring(1);
					System.out.println("exchangeUrl=" + exchangeUrl);
					System.out.println("BODY:" + new String(exchange.getRequestBody().readAllBytes()));
					exchange.sendResponseHeaders(200, 0);
					try(OutputStream os = exchange.getResponseBody()){
						os.write("test return".getBytes());
					} catch (Exception e) {
						e.printStackTrace();
					}
				}
				
			});
			server.setExecutor(Executors.newCachedThreadPool());
			server.start();
			System.out.println("https server start");
		} catch (Exception e) {
			e.printStackTrace();
		}
	}

}

http客户端:

/**
 * 2023年7月19日上午10:43:58
 */
package testHttpSSL;

import java.io.File;
import java.io.FileInputStream;
import java.net.URI;
import java.net.http.HttpClient;
import java.net.http.HttpClient.Version;
import java.net.http.HttpRequest;
import java.net.http.HttpRequest.BodyPublishers;
import java.net.http.HttpResponse;
import java.net.http.HttpResponse.BodyHandlers;
import java.security.KeyStore;
import java.time.Duration;

import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

/**
 * @author XWF
 *
 */
public class TestHttpClientWithSSL {

	/**
	 * @param args
	 */
	public static void main(String[] args) {
		String storepass = "mystorepass";
		String keypass = storepass;
		try {
			KeyStore keystore = KeyStore.getInstance("jks");
			keystore.load(new FileInputStream("./testhttp.jks"), storepass.toCharArray());
			SSLContext sslContext = SSLContext.getInstance("TLS");
			KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
			kmf.init(keystore, keypass.toCharArray() );
			TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
			tmf.init(keystore);
			sslContext.init(null, tmf.getTrustManagers(), null);
			System.out.println(keystore);
			
			HttpClient client = HttpClient.newBuilder()	//jdk11的httpclient
					.version(Version.HTTP_1_1)
					.sslContext(sslContext)	//设置ssl
					.build();
			HttpRequest request = HttpRequest.newBuilder()
					.uri(URI.create("https://127.0.0.1:4444/test?x=1&y=2"))
					.timeout(Duration.ofMillis(1000))
					.POST(BodyPublishers.ofByteArray("hello world".getBytes()))
					.build();
			HttpResponse response = client.send(request, BodyHandlers.ofString());
			System.out.println(response.statusCode());
			System.out.println(response.body().toString());
		} catch (Exception e) {
			e.printStackTrace();
		}
	}

}

运行结果:

客户端:

服务端:

JavaDemo——使用jks的https_第1张图片

你可能感兴趣的:(JavaDemos,https,jks)