https 双向认证demo
import javax.net.ssl.*;
import java.io.*;
import java.net.URL;
import java.security.KeyStore;
/**
* 双向SSL 认证
*/
public class HttpsClient {
private final static String charset = "UTF-8";
/**
* 客户端证书设置
*/
protected String clientCertPwd;// 客户端证书密码
protected String clientCertPath;
protected String clientKeyType = "JKS";
/**
* 服务端证书设置
*/
protected String trustCertPath;
protected String truestCertPwd;
protected String truestKeyType = "JKS";
private SSLContext sslContext;
/**
* post方法
*/
public Object post(Object request, String requestAddr) {
String requestData = (String) request;
StringBuffer sb = null;
HttpsURLConnection urlCon = null;
OutputStream os = null;
InputStream fis = null;
BufferedInputStream bis = null;
InputStream is = null;
BufferedReader br = null;
try {
if (sslContext == null) {
sslContext = SSLContext.getInstance("SSL");
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
TrustManagerFactory tmf = TrustManagerFactory
.getInstance("SunX509");
KeyStore keyStore = KeyStore.getInstance(clientKeyType);
keyStore.load(new FileInputStream(clientCertPath),
clientCertPwd.toCharArray());
kmf.init(keyStore, clientCertPwd.toCharArray());
KeyStore trustKeyStore = KeyStore.getInstance(truestKeyType);
trustKeyStore.load(new FileInputStream(trustCertPath),
truestCertPwd.toCharArray());
tmf.init(trustKeyStore);
sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
HostnameVerifier hostnameVerifier = new HostnameVerifier() {
@Override
public boolean verify(String arg0, SSLSession arg1) {
return true;
}
};
HttpsURLConnection.setDefaultHostnameVerifier(hostnameVerifier);
}
URL url = new URL(requestAddr);
urlCon = (HttpsURLConnection) url.openConnection();
urlCon.setDoOutput(true);
urlCon.setDoInput(true);
urlCon.setRequestMethod("POST");
urlCon.setRequestProperty("Content-type", "text/xml;charset=" + charset);
urlCon.setSSLSocketFactory(sslContext.getSocketFactory());
os = urlCon.getOutputStream();
fis = new ByteArrayInputStream(requestData.getBytes(charset));
bis = new BufferedInputStream(fis);
byte[] bytes = new byte[1024];
int len = -1;
while ((len = bis.read(bytes)) != -1) {
os.write(bytes, 0, len);
}
closeOutputStream(os, fis, bis);
is = urlCon.getInputStream();
br = new BufferedReader(new InputStreamReader(is, "UTF-8"));
sb = new StringBuffer();
String line;
while ((line = br.readLine()) != null) {
sb.append(line);
}
return sb.toString();
} catch (Exception e) {
e.printStackTrace();
} finally {
try {
closeOutputStream(os, fis, bis);
closeInputStream(is, br);
closeUrlCon(urlCon);
} catch (Exception e2) {
e2.printStackTrace();
}
}
return null;
}
/**
* @param urlCon
*/
private static void closeUrlCon(HttpsURLConnection urlCon) {
if (urlCon != null) {
urlCon.disconnect();
}
}
/**
* @param is
* @param br
* @throws IOException
*/
private static void closeInputStream(InputStream is, BufferedReader br)
throws IOException {
if (br != null) {
br.close();
}
if (is != null) {
is.close();
}
}
/**
* @param os
* @param fis
* @param bis
* @throws IOException
*/
private static void closeOutputStream(OutputStream os, InputStream fis,
BufferedInputStream bis) throws IOException {
if (os != null) {
os.flush();
}
if (bis != null) {
bis.close();
}
if (fis != null) {
fis.close();
}
if (os != null) {
os.close();
}
}
public String getTruestCertPwd() {
return truestCertPwd;
}
public void setTruestCertPwd(String truestCertPwd) {
this.truestCertPwd = truestCertPwd;
}
public String getClientCertPwd() {
return clientCertPwd;
}
public void setClientCertPwd(String clientCertPwd) {
this.clientCertPwd = clientCertPwd;
}
public String getClientCertPath() {
return clientCertPath;
}
public void setClientCertPath(String clientCertPath) {
this.clientCertPath = clientCertPath;
}
public String getTrustCertPath() {
return trustCertPath;
}
public void setTrustCertPath(String trustCertPath) {
this.trustCertPath = trustCertPath;
}
public String getTruestKeyType() {
return truestKeyType;
}
public void setTruestKeyType(String truestKeyType) {
this.truestKeyType = truestKeyType;
}
public String getClientKeyType() {
return clientKeyType;
}
public void setClientKeyType(String clientKeyType) {
this.clientKeyType = clientKeyType;
}
}