线上HttpClient请求跳过https证书解决方案

最新推荐文章于 2024-03-03 15:20:26 发布

zhang_rk

最新推荐文章于 2024-03-03 15:20:26 发布

阅读量2.1k

点赞数 3

分类专栏： skill

skill 专栏收录该内容

10 篇文章

订阅专栏

本文介绍如何使用Apache HttpClient库处理HTTPS请求，包括绕过证书验证的方法和示例代码，适用于需要进行安全连接的Java应用程序。

HttpClient简介

HTTP 协议可能是现在 Internet 上使用得最多、最重要的协议了，越来越多的 Java 应用程序需要直接通过 HTTP协议来访问网络资源。虽然在 JDK 的 java.net 包中已经提供了访问 HTTP 协议的基本功能，但是对于大部分应用程序来说，JDK库本身提供的功能还不够丰富和灵活。HttpClient 是 Apache Jakarta Common下的子项目，用来提供高效的、最新的、功能丰富的支持 HTTP 协议的客户端编程工具包，并且它支持 HTTP协议最新的版本和建议。HttpClient 已经应用在很多的项目中，比如 Apache Jakarta 上很著名的另外两个开源项目Cactus 和 HTMLUnit 都使用了 HttpClient。

先上代码，执行代码效果很明显看出http请求和https请求的不同。
1.ClientWithResponseHandler.java

/*
 *
 * This software consists of voluntary contributions made by many
 * individuals on behalf of the Apache Software Foundation.  For more
 * information on the Apache Software Foundation, please see
 * <http://www.apache.org/>.
 *
 */

package org.apache.http.examples.client;

import java.io.IOException;

import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.ResponseHandler;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;

/**
 * This example demonstrates the use of the {@link ResponseHandler} to simplify
 * the process of processing the HTTP response and releasing associated resources.
 */
public class ClientWithResponseHandler {

    public final static void main(String[] args) throws Exception {
        CloseableHttpClient httpclient = HttpClients.createDefault();
        try {
            HttpGet httpget = new HttpGet("http://www.baidu.com/");

            System.out.println("Executing request " + httpget.getRequestLine());

            // Create a custom response handler
            ResponseHandler<String> responseHandler = new ResponseHandler<String>() {

                @Override
                public String handleResponse(
                        final HttpResponse response) throws ClientProtocolException, IOException {
                    int status = response.getStatusLine().getStatusCode();
                    if (status >= 200 && status < 300) {
                        HttpEntity entity = response.getEntity();
                        return entity != null ? EntityUtils.toString(entity) : null;
                    } else {
                        throw new ClientProtocolException("Unexpected response status: " + status);
                    }
                }

            };
            String responseBody = httpclient.execute(httpget, responseHandler);
            System.out.println("----------------------------------------");
            System.out.println(responseBody);
        } finally {
            httpclient.close();
        }
    }

}

测试地址随意更换，只要能看出效果的请求。控制台会把填写的请求路径打印出来。
但是可以看出，我们测试用的是http请求，等你把请求头设置为https的时候就会报错。
提示unable to find valid certification path to requested target，无法通过https认证。

2.Method SSLContext

/** 
* 绕过验证 
*   
* @return 
* @throws NoSuchAlgorithmException  
* @throws KeyManagementException  
*/  
public static SSLContext createIgnoreVerifySSL() throws NoSuchAlgorithmException, KeyManagementException {  
        SSLContext sc = SSLContext.getInstance("SSLv3");  

        // 实现一个X509TrustManager接口，用于绕过验证，不用修改里面的方法  
        X509TrustManager trustManager = new X509TrustManager() {  
            @Override  
            public void checkClientTrusted(  
                    java.security.cert.X509Certificate[] paramArrayOfX509Certificate,  
                    String paramString) throws CertificateException {  
            }  

            @Override  
            public void checkServerTrusted(  
                    java.security.cert.X509Certificate[] paramArrayOfX509Certificate,  
                    String paramString) throws CertificateException {  
            }  

            @Override  
            public java.security.cert.X509Certificate[] getAcceptedIssuers() {  
                return null;  
            }  
        };  

        sc.init(null, new TrustManager[] { trustManager }, null);  
        return sc;  
    }

修改1中main方法：

public final static void main(String[] args) throws Exception {

        String body = "";

        //采用绕过验证的方式处理https请求  
        SSLContext sslcontext = createIgnoreVerifySSL();  

        //设置协议http和https对应的处理socket链接工厂的对象  
        Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create()  
            .register("http", PlainConnectionSocketFactory.INSTANCE)  
            .register("https", new SSLConnectionSocketFactory(sslcontext))  
            .build();  
        PoolingHttpClientConnectionManager connManager = new PoolingHttpClientConnectionManager(socketFactoryRegistry);  
        HttpClients.custom().setConnectionManager(connManager); 


        //创建自定义的httpclient对象  
        CloseableHttpClient client = HttpClients.custom().setConnectionManager(connManager).build();  
        //CloseableHttpClient client = HttpClients.createDefault();  

        try{
            //创建get方式请求对象  
            HttpGet get = new HttpGet("https://www.baidu.com/");

            //指定报文头Content-type、User-Agent  
            get.setHeader("Content-type", "application/x-www-form-urlencoded");  
            get.setHeader("User-Agent", "Mozilla/5.0 (Windows NT 6.1; rv:6.0.2) Gecko/20100101 Firefox/6.0.2");

            //执行请求操作，并拿到结果（同步阻塞）  
            CloseableHttpResponse response = client.execute(get);  

            //获取结果实体  
            HttpEntity entity = response.getEntity(); 
            if (entity != null) {  
                //按指定编码转换结果实体为String类型  
                body = EntityUtils.toString(entity, "UTF-8");  
            }  

            EntityUtils.consume(entity);  
            //释放链接  
            response.close(); 
            System.out.println("body:" + body);
        } finally{
            client.close();
       }
    }

运行代码，获取网页内容成功！

同理，再尝试下post请求：

public final static void main(String[] args) throws Exception {

        String body = "";

        //采用绕过验证的方式处理https请求  
        SSLContext sslcontext = createIgnoreVerifySSL();  
        //设置协议http和https对应的处理socket链接工厂的对象  
        Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create()  
            .register("http", PlainConnectionSocketFactory.INSTANCE)  
            .register("https", new SSLConnectionSocketFactory(sslcontext))  
            .build();  
        PoolingHttpClientConnectionManager connManager = new PoolingHttpClientConnectionManager(socketFactoryRegistry);  
        HttpClients.custom().setConnectionManager(connManager); 

        //创建自定义的httpclient对象  
        CloseableHttpClient client = HttpClients.custom().setConnectionManager(connManager).build();  
        //CloseableHttpClient client = HttpClients.createDefault();

        try{
            //创建post方式请求对象  
            HttpPost httpPost = new HttpPost("https://api.douban.com/v2/book/1220562"); 


            //指定报文头Content-type、User-Agent
            httpPost.setHeader("Content-type", "application/x-www-form-urlencoded");  

            httpPost.setHeader("User-Agent", "Mozilla/5.0 (Windows NT 6.1; rv:6.0.2) Gecko/20100101 Firefox/6.0.2");


            //执行请求操作，并拿到结果（同步阻塞）  
            CloseableHttpResponse response = client.execute(httpPost);  

            //获取结果实体  
            HttpEntity entity = response.getEntity(); 
            if (entity != null) {  
                //按指定编码转换结果实体为String类型  
                body = EntityUtils.toString(entity, "UTF-8");  
            }  

            EntityUtils.consume(entity);  
            //释放链接  
            response.close(); 
            System.out.println("body:" + body);
        }finally{
            client.close();
        }
    }

https地址以豆瓣的一个api为例，获得ID为1220562的书的信息。
对应修改一下自己本地的HttpClientUtils就可以，简单易懂。