文章目录
- 一、CURL 方式
- 1. 普通参数
- 2. json参数
- 3. 跳过ssl证书校验
- 二、安装证书
- 1. windows
- 2. linux
- 三、java 请求
- 3.1. form和json方法
- 3.2. 跳过证书请求
一、CURL 方式
1. 普通参数
curl -d "grant_type=password&client_id=SmartRest&client_secret=594a27f3-4432-4d37-9196-2ba49de52758&username=user123&password=welcome123" https://xxxxxxx.xxx.in:8543/auth/realms/restapi/protocol/openid-connect/token --cacert ./ca_bundle.crt
2. json参数
http和https接口通用
curl -i -H 'content-type: application/json' -X POST -d '{"requestData":"123"}' https://192.168.0.106:5210/XXXX/openAccountApplicationInfoVerify
3. 跳过ssl证书校验
curl -k -H "Content-Type: application/json" -X POST -d '{"requestData":"123"}' https://192.168.0.106:5210/XXXX/openAccountApplicationInfoVerify
二、安装证书
我需要在Java代码中发送同样的内容,我只有一个.crt文件,我没有密钥密码或任何东西。
1. windows
keytool -import -trustcacerts -file "_ca_bundle.crt" -alias "alias" -keystore "C:\Program Files\Java\jdk1.8.0_131\jre\lib\security\cacerts"
2. linux
将_ca_bundle.crt证书文件上传服务器/app/jdk1.8/jre/lib/security/cacerts目录下面
cd /app/jdk1.8/jre/lib/security/cacerts
安装证书
keytool -import -trustcacerts -file "_ca_bundle.crt" -alias "alias" -keystore "/app/jdk1.8/jre/lib/security/cacerts"
三、java 请求
3.1. form和json方法
package com.gblfy.utils;import com.alibaba.fastjson.JSON;import javax.net.ssl.HttpsURLConnection;
import java.io.BufferedReader;
import java.io.DataOutputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.net.URL;
import java.util.HashMap;
import java.util.Map;public class A {public static void main(String[] args) throws Exception {//formParam testString formUrl = "https://xxxx.xxx.xx:8543/auth/realms/restapi/protocol/openid-connect/token";String formParam = "grant_type=password&client_id=SmartRest&client_secret=594a27f3-4432-4d37-9196-2ba49de52758&username=user123&password=welcome123";jsonParamOrFormParamToHttpSSL(formUrl, formParam, "");//formParam testString jsonUrl = "https://xxxx.xxx.xx:8543/auth/realms/restapi/protocol/openid-connect/token";Map<String, Object> map = new HashMap<>();map.put("xml1", "xmlvalue1");map.put("xmlkey2", "xmlvalue2");jsonParamOrFormParamToHttpSSL(jsonUrl, JSON.toJSONString(map), "json");}public static String jsonParamOrFormParamToHttpSSL(String url, String reqParam, String paramType) {try {HttpsURLConnection con = (HttpsURLConnection) new URL(url).openConnection();if ("json".equals(paramType)) {con.setRequestProperty("Content-Type", "application/json;charset=UTF-8");} else {con.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");}con.setDoOutput(true);DataOutputStream wr = new DataOutputStream(con.getOutputStream());wr.writeBytes(reqParam);wr.flush();wr.close();BufferedReader in = new BufferedReader(new InputStreamReader(con.getInputStream()));String inputLine;StringBuffer response = new StringBuffer();while ((inputLine = in.readLine()) != null) {response.append(inputLine);}in.close();//print resultSystem.out.println("返回报文-----------------------" + response.toString());return response.toString();} catch (IOException e) {e.printStackTrace();}return null;}
}3.2. 跳过证书请求
package com.gblfy.utils;import org.springframework.stereotype.Component;import javax.net.ssl.*;
import java.io.ByteArrayOutputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;/*** 实现HTTPS协议POST请求JSON报文* <p>* 实现流程: 1.在hosts文件中配置域名和ip地址的映射关系 2.在程序中设置代理服务器 3.需要网络处配置发出权限* </p>** @author gblfy* @date 2020-06-25*/
@Component
public class HttpsApiUtil {private static class TrustAnyTrustManager implements X509TrustManager {// 该方法检查客户端的证书,若不信任该证书则抛出异常。由于我们不需要对客户端进行认证,因此我们只需要执行默认的信任管理器的这个方法。// JSSE中,默认的信任管理器类为TrustManager。@Overridepublic void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {}/** 该方法检查服务器的证书,若不信任该证书同样抛出异常。通过自己实现该方法,可以使之信任我们指定的任何证书。 在实现该方法时,也可以简单的不做任何处理,* 即一个空的函数体,由于不会抛出异常,它就会信任任何证书。(non-Javadoc)*/@Overridepublic void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {}// 返回受信任的X509证书数组。@Overridepublic X509Certificate[] getAcceptedIssuers() {return new X509Certificate[] {};}}private static class TrustAnyHostnameVerifier implements HostnameVerifier {@Overridepublic boolean verify(String hostname, SSLSession session) {return true;}}/*** post方式请求服务器(https协议)** @param url 求地址* @param content 参数* @param charset 编码* @return* @throws NoSuchAlgorithmException* @throws KeyManagementException* @throws IOException*/public static byte[] sendJsonToHttpsPost(String url, String content, String charset)throws NoSuchAlgorithmException, KeyManagementException, IOException {/** 类HttpsURLConnection似乎并没有提供方法设置信任管理器。其实,* HttpsURLConnection通过SSLSocket来建立与HTTPS的安全连接* ,SSLSocket对象是由SSLSocketFactory生成的。 HttpsURLConnection提供了方法setSSLSocketFactory* (SSLSocketFactory)设置它使用的SSLSocketFactory对象。* SSLSocketFactory通过SSLContext对象来获得,在初始化SSLContext对象时,可指定信任管理器对象。*/SSLContext sc = SSLContext.getInstance("SSL");sc.init(null, new TrustManager[] { new TrustAnyTrustManager() }, new java.security.SecureRandom());URL console = new URL(url);HttpsURLConnection conn = (HttpsURLConnection) console.openConnection();conn.setSSLSocketFactory(sc.getSocketFactory());conn.setHostnameVerifier(new TrustAnyHostnameVerifier());conn.setDoOutput(true);// 设置请求头conn.setRequestProperty("Content-Type", "application/json;charset=utf-8");conn.connect();// 设置连接超时时间 单位/毫秒 以需求为准
// conn.setConnectTimeout(30000);DataOutputStream out = new DataOutputStream(conn.getOutputStream());out.write(content.getBytes(charset));// 刷新、关闭out.flush();out.close();InputStream is = conn.getInputStream();if (is != null) {ByteArrayOutputStream outStream = new ByteArrayOutputStream();byte[] buffer = new byte[1024];int len = 0;while ((len = is.read(buffer)) != -1) {outStream.write(buffer, 0, len);}is.close();return outStream.toByteArray();}return null;}// /**
// * fastjson 处理/解析报文
// * com.alibaba.fastjson.JSON
// *
// * @param args
// * @throws NoSuchAlgorithmException
// * @throws KeyManagementException
// * @throws IOException // * @throws JSONException
// */
// public static void main(String[] args) throws NoSuchAlgorithmException, KeyManagementException, IOException, JSONException {
//
// System.out.println("服务端返回报文:" + new String(bytes));// String url = "https://127.0.0.1:8888/postToJson";// byte[] bytes = sendJsonToHttpsPost(url, "{\"name\":\"ly\"}", "utf-8");// System.out.println("服务端返回报文:"+new String(bytes));
//}// //1. 模拟对象发送
// User user = new User();
// user.setUsername("gblfy");
// user.setAge(28);
// user.setPasswd("123456");
// //2. 配置发送url
// String url = "https://127.0.0.1:8888/postToJson";
// //3.发送前将对象转json处理
// String reqXml = JSON.toJSONString(user);
// //4.向指定url发送json格式的https协议报文
// byte[] bytes = sendJsonToHttpsPost(url, reqXml, "utf-8");
// //5.对返回的报文解析
// String resXml = new String(bytes);
// JSONObject jsonObj = (JSONObject) JSON.parse(resXml);
// //6.从解析的报文中获取指定的值
// System.out.println("服务端返回报文:" + jsonObj.getString("username"));
// System.out.println("服务端返回报文:" + jsonObj.getInt("age"));
// System.out.println("服务端返回报文:" + jsonObj.getString("passwd"));}
如何部署SSL证书)
