add certificate to a KeyStore
first we need to download the certificate from the webserver. this can be done with firefox. if you accepted the servers certificate you can save the certificate by selecting: Edit->Preferences->Advanced->Encryption->View Certificates->Your Certificates here you need to select the certificate and then click on export. save it somewhere on your harddisk. with this certificate java cannot work directly… actually it can but it’s easier to transform it into a KeyStore file. with the commandkeytool -import -alias aliasOfCertifiate -file certificateFile.cer\ -keystore myKeystore
the keytool program is distributed with a jdk. with the command we add the certificate certificateFile.cer as a trusted certificate to the keystore file named myKeystore. the tool prompts for a password. this password is used to encrypt the keystore file.instead of adding the certificate to myKeystore we could also add it to the default keystore of the jvm. this is done with:
keytool -import -alias aliasOfCertifiate -file certificateFile.cer\ -keystore $JAVA_HOME/lib/security/cacerts
with the password “changeit”. this uses root privileges and it is the default setting of all java programs. it’s a bit like pollution of the “global” environment and it’s better to avoid this.
use that keystore
if i have an URLConnection with https as a protocol it’s an instance of HttpsURLConnection and i can simply cast to it. HttpsURLConnection has a method setSSLSocketFactory. this socketFactary can be configured to accept certain certificates or not. a socketFactory which accepts certificates in myKeystore can be created with the following code:InputStream in = new FileInputStream(new File("path/to/myKeystore")); KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType()); ks.load(in, "PasswordUsedWithKeytool".toCharArray()); in.close(); TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); tmf.init(ks); X509TrustManager defaultTrustManager = (X509TrustManager)tmf.getTrustManagers()[0]; SSLContext context = SSLContext.getInstance(”TLS”); context.init(null, new TrustManager[] {defaultTrustManager}, null); SSLSocketFactory sslSocketFactory = context.getSocketFactory();
here the keystore is loaded at first. you have to provide the password you typed in during creation of the keystore file. after that a TrustManager is created via a TrustManagerFactory initialised with our KeyStore. then the SSLContext is created and initialised with the trustManager. after that a SSLSocketFactory can be created by the getSocketFactory method of the SSLContext. we can use it for our URLConnection like following: URL url = new URL("https://thesecuredomain.org"); URLConnection con = url.openConnection(); ((HttpsURLConnection) con).setSSLSocketFactory(sslSocketFactory); con.connect(); in = con.getInputStream(); ...
相关推荐
URL以及URLConnection的使用
NULL 博文链接:https://zhoujianghai.iteye.com/blog/1195988
java中用URLConnection类post方式提交表单的方法。
介绍了各种IOS程序连接服务器的方法,开发IOS程序必备文档
导语:个人对网络连接接触的不多,在使用时自己发现一些问题,记录一下。... 解决方法: 方法1、网页返回内容不能是空; 方法2、不要用这个接口咯。 您可能感兴趣的文章:Android使用URLConnection提交请求的实现Androi
使用URL和URLConnection(多线程下载)
URLConnection和HttpClient使用入门
okhttp-urlconnection:3.10.0
安卓URLConnection进行网络编程,一个简单的例子,服务器也有~
同时使用picasso和OKHttp的时候,需要加入OKHttp-urlconnection
JDK中的URLConnection参数详解
import java.net.URLConnection; /** * 使用URLConnection下载文件或图片并保存到本地。 * * @author 老紫竹(laozizhu.com) */ public class URLConnectionDownloader { public static void main...
如果你用java编写了一个类似QQ的客户端(举例说明),想给webqq这样的网页或是servlet等发送消息,实现交互,那么URLConnection对你会很有帮助。需要的朋友请下载,如果有需要我们也可以互相交流,我也是一个java...
android 使用URL和URLConnection(多线程下载)_Hi Android_百度空间
主要用于截取页面!虽然有HttpClient但是有时候这个还是比较有用的!
URL的openConnection()方法将返回一个URLConnection对象,该对象表示应用程序和URL之间的通信连接。程序可以通过URLConnection实例向该URL发送请求,读取URL引用的资源。 程序Demo示范了如何向Web站点发送GET请求、...
NULL 博文链接:https://xiaolinjava.iteye.com/blog/1195523
NULL 博文链接:https://bijian1013.iteye.com/blog/2299735
java URLConnection 的详细介绍,牛人项目经验的总结,绝对通俗易懂,包括cookie操作,上传文件,以及下载网页等介绍,是非常难得文档和教材
一个通过Socket或URLConnection传文件的示例 Socket URLConnection 文件传输