packagecom.inspur.demo.http.client;importcom.inspur.demo.common.util.FileUtil;importokhttp3.OkHttpClient;importokhttp3.Request;importokhttp3.Response;importorg.junit.Test;import javax.net.ssl.*;importjava.io.File;importjava.io.FileInputStream;importjava.io.IOException;importjava.security.KeyStore;importjava.security.cert.CertificateException;importjava.security.cert.X509Certificate;/*** 通过OkHttp调用Https接口*/
public classOkHttpHttpsCase {/** 请求有权威证书的地址*/@Testpublic void test() throwsIOException {
String requestPath= "https://www.baidu.com/";
OkHttpClient client= newOkHttpClient.Builder()//.connectionSpecs(Arrays.asList(ConnectionSpec.MODERN_TLS, ConnectionSpec.COMPATIBLE_TLS))
.build();
Request request= newRequest.Builder()
.url(requestPath).get().build();
Response response=client.newCall(request).execute();
System.out.println("get返回状态:" +response.code());
System.out.println("get返回结果:" +response.body().string());
response.close();
}/*** 请求自定义证书的地址,不需要客户端证书
*
*@throwsException*/@Testpublic void test2() throwsException {
String requestPath= "https://10.40.103.48:9010/zsywservice";//获取信任证书库
KeyStore trustStore = getkeyStore("jks", "d:/temp/cacerts", "123456");//KeyStore trustStore = null;//trustStore为null也可以
OkHttpClient client = newOkHttpClient.Builder()
.sslSocketFactory(getSSLSocketFactory(null, null, trustStore), newDefaultTrustManager())
.hostnameVerifier((s, sslSession)-> true).build();
Request request= newRequest.Builder()
.url(requestPath).get().build();
Response response=client.newCall(request).execute();
System.out.println("get返回状态:" +response.code());
System.out.println("get返回结果:" +response.body().string());
response.close();
}/*** 请求自定义证书的地址,需要客户端证书
*
*@throwsIOException*/@Testpublic void test3() throwsException {
String requestPath= "https://10.40.103.48:9016/zsywservice";//获取客户端证书
KeyStore keyStore = getkeyStore("pkcs12", "d:/client.p12", "123456");//获取信任证书库
KeyStore trustStore = getkeyStore("jks", "d:/temp/cacerts", "123456");//KeyStore trustStore = null;//trustStore为null也可以
OkHttpClient client = newOkHttpClient.Builder()
.sslSocketFactory(getSSLSocketFactory(keyStore,"123456", trustStore), newDefaultTrustManager())
.hostnameVerifier((s, sslSession)-> true).build();
Request request= newRequest.Builder()
.url(requestPath).get().build();
Response response=client.newCall(request).execute();
System.out.println("get返回状态:" +response.code());
System.out.println("get返回结果:" +response.body().string());
response.close();
}/*** 获取证书
*
*@return
*/
privateKeyStore getkeyStore(String type, String filePath, String password) {
KeyStore keySotre= null;
FileInputStream in= null;try{
keySotre=KeyStore.getInstance(type);
in= new FileInputStream(newFile(filePath));
keySotre.load(in, password.toCharArray());
}catch(Exception e) {
e.printStackTrace();
}finally{
FileUtil.close(in);
}returnkeySotre;
}private SSLSocketFactory getSSLSocketFactory(KeyStore keyStore, String keyStorePassword, KeyStore trustStore) throwsException {
KeyManager[] keyManagers= null;
TrustManager[] trustManagers= null;if (keyStore != null) {
KeyManagerFactory keyManagerFactory= KeyManagerFactory.getInstance("SunX509");
keyManagerFactory.init(keyStore, keyStorePassword.toCharArray());
keyManagers=keyManagerFactory.getKeyManagers();
}if (trustStore != null) {
TrustManagerFactory trustManagerFactory= TrustManagerFactory.getInstance("SunX509");
trustManagerFactory.init(trustStore);
trustManagers=trustManagerFactory.getTrustManagers();
}else{
trustManagers= new TrustManager[]{newDefaultTrustManager()};
}//设置服务端支持的协议
SSLContext context = SSLContext.getInstance("TLSv1.2");
context.init(keyManagers, trustManagers,null);
SSLSocketFactory sslFactory=context.getSocketFactory();returnsslFactory;
}private final class DefaultTrustManager implementsX509TrustManager {
@Overridepublic void checkClientTrusted(X509Certificate[] chain, String authType) throwsCertificateException {
}
@Overridepublic void checkServerTrusted(X509Certificate[] chain, String authType) throwsCertificateException {
}
@OverridepublicX509Certificate[] getAcceptedIssuers() {return newX509Certificate[]{};
}
}
}