本文介绍了如何在Java Springboot项目中进行微信第三方支付的证书认证,详细讲解了证书导入过程,包括在本地和Docker环境下导入CER证书。同时,文章还涵盖了支付、查询和回调方法的实现,以及使用DockerFile进行应用的部署流程。
接入流程
- 与第三方交换CER证书
- 第三方与光大银行微信云缴费对接
- 对接时认证本地证书, 发送请求, 接收报文
- 小程序将报文拼接到跳转路径, 打开云缴费小程序
Docker部署时导入第三方证书
代码未做优化和封装
定义Bean
接口响应信息封装
统一返回值替换为自己的
@Data
public class FeedBack {
/**
* 交易码
*/
private String trancode;
/**
* 交易种类
*/
private String trantype;
/**
* 结果标志
* 0:成功
* 1:失败
*/
private String anscode;
/**
* 结果信息
* 成功为空,失败填写失败原因
*/
private String ansmsg;
/**
* 单位业务流水号或订单号
*/
private String orderid;
/**
* 缴款码编号
*/
private String paycode;
private String payAmount;
private String payTime;
}
import lombok.Data;
/**
* 支付请求参数 循环域
*/
@Data
public class Extinfo {
/**
* 项目顺序
* 用于标识最多5个项目缴款书中的先后顺序,值分别为1、2、3、4、5
*/
private String xmsx="1";
/**
* 执收编码
* 不可重复,从执收单位财务人员获取
*/
private String zsbm="填写执收编码";
/**
* 数量
*/
private String sl="1.00";
/**
* 金额
*/
private String je="100";
}
导入本地证书
在resources下创建目录certs.
导入域名pfx证书
相关包
<properties>
<okhttp>3.10.0</okhttp>
<httpclient>4.5.6</httpclient>
<httpcore>4.4.10</httpcore>
<fastjson-version>1.2.46</fastjson-version>
<json-lib>2.4</json-lib>
<commons-codec>1.10</commons-codec>
<bcprov-jdk15on>1.60</bcprov-jdk15on>
</properties>
<!--http-->
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
<version>${
httpclient}</version>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpcore</artifactId>
<version>${
httpcore}</version>
</dependency>
<dependency>
<groupId>com.squareup.okhttp3</groupId>
<artifactId>okhttp</artifactId>
<version>${
okhttp}</version>
</dependency>
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>fastjson</artifactId>
<version>${
fastjson-version}</version>
</dependency>
<!--JSON-->
<dependency>
<groupId>net.sf.json-lib</groupId>
<artifactId>json-lib</artifactId>
<version>${
json-lib}</version>
<classifier>jdk15</classifier>
</dependency>
<dependency>
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
<version>${
commons-codec}</version>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
<version>${
bcprov-jdk15on}</version>
</dependency>
封装请求工具类
import javax.net.ssl.*;
import javax.security.auth.x500.X500Principal;
import java.io.*;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
public class HttpsClient {
// 客户端密钥库
private String sslKeyStorePath = null;
private String sslKeyStorePassword = null;
private String sslKeyStoreType = null;
// 客户端信任证书
private String sslTrustStore = null;
private String sslTrustStorePassword = null;
private String sslTruststoreType = null;
//地址
private String host = null;
private int port = 0;
//设置密钥库相关参数
public void setKeyStoreParameters(String sslKeyStorePath,String sslKeyStorePassword,String sslKeyStoreType){
this.sslKeyStorePath = sslKeyStorePath;
this.sslKeyStorePassword = sslKeyStorePassword;
this.sslKeyStoreType = sslKeyStoreType;
}
//设置客户端信任证书相关参数
public void setTrustStoreParameters(String sslTrustStore,String sslTrustStorePassword,String sslTruststoreType){
this.sslTrustStore = sslTrustStore;
this.sslTrustStorePassword = sslTrustStorePassword;
this.sslTruststoreType = sslTruststoreType;
}
//设置访问地址
public void setHost(String host){
this.host = host;
}
//设置访问地址
public void setPort(int port){
this.port = port;
}
//发送并接收信息
public String sengMessage(String message) throws Exception{
KeyManagerFactory kmf = null;
TrustManagerFactory tmf = null;
if(null != sslKeyStoreType){
kmf = KeyManagerFactory.getInstance("SunX509");
KeyStore keyStore = KeyStore.getInstance(sslKeyStoreType);
InputStream ksIn = Thread.currentThread().getContextClassLoader().getResourceAsStream(sslKeyStorePath);
keyStore.load(ksIn, sslKeyStorePassword.toCharArray());
ksIn.close(
最低0.47元/天 解锁文章
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
