使用 apache httpClient 客户端在没有 ssl 证书验证的情况下将发布数据发送到 https
Posted
技术标签:
【中文标题】使用 apache httpClient 客户端在没有 ssl 证书验证的情况下将发布数据发送到 https【英文标题】:sending post data to https without ssl cert verification with apache httpClient client 【发布时间】:2013-01-11 17:56:42 【问题描述】:我需要使用 apache HttpClient 包将帖子数据发送到 https url,
发送帖子数据后,我需要检索 html 数据。
我发送的帖子数据是一个 XML 字符串,而我接收的帖子数据是一个 XML 字符串。
任何有关该问题的信息将不胜感激。
我用谷歌搜索并在互联网上找到了使用 DefaultHttpClient 的示例,现在版本 4 中已弃用。所以想知道如何正确使用新版客户端。
谢谢。
更新
public String sendPost(final String request, final String postData) throws ClientProtocolException, IOException
String result = null;
CloseableHttpClient httpclient = HttpClients.createDefault();
HttpPost httpPost = new HttpPost(request);
CloseableHttpResponse response = httpclient.execute(httpPost);
try
HttpEntity entity = response.getEntity();
result = EntityUtils.toString(entity);
EntityUtils.consume(entity);
finally
response.close();
return result;
到目前为止,我想出了这个发送请求并从响应中检索字符串的函数。我认为它应该工作。我缺少的是我对 postData 没有做任何事情。如何在我的请求中发送帖子数据?
【问题讨论】:
为什么您不想使用套接字编写一个简单的 telnet 客户端? 因为将来我需要验证 ssl 证书 【参考方案1】:public String sendPost(final String request, final String postData) throws ClientProtocolException, IOException, NoSuchAlgorithmException, KeyManagementException
String result = null;
SSLContext sslContext = SSLContext.getInstance("SSL");
// set up a TrustManager that trusts everything
sslContext.init(null, new TrustManager[] new X509TrustManager()
public X509Certificate[] getAcceptedIssuers()
System.out.println("getAcceptedIssuers =============");
return null;
public void checkClientTrusted(X509Certificate[] certs,
String authType)
System.out.println("checkClientTrusted =============");
public void checkServerTrusted(X509Certificate[] certs,
String authType)
System.out.println("checkServerTrusted =============");
, new SecureRandom());
CloseableHttpClient httpclient = HttpClients.custom().setSSLSocketFactory(new SSLSocketFactory(sslContext)).build();
HttpPost httpPost = new HttpPost(request);
ByteArrayEntity postDataEntity = new ByteArrayEntity(postData.getBytes());
httpPost.setEntity(postDataEntity);
CloseableHttpResponse response = httpclient.execute(httpPost);
try
HttpEntity entity = response.getEntity();
result = EntityUtils.toString(entity);
EntityUtils.consume(entity);
finally
response.close();
return result;
【讨论】:
SSLSocketFactory 现已折旧!
@joker 我们应该改用什么?
@EliHalych,很遗憾,我不确定。【参考方案2】:
这是另一种使用 Apache 4.5 的方法:
/////////////////
// Create SSL Client
/////////////////
CloseableHttpClient httpclient = null;
HttpHost target = new HttpHost('www.mysite.com', 443, "https");
SSLContext sslcontext = SSLContexts.createSystemDefault();
SSLConnectionSocketFactory sslConnectionSocketFactory = new SSLConnectionSocketFactory(
sslcontext, new String[] "TLSv1", "SSLv3" , null,
SSLConnectionSocketFactory.getDefaultHostnameVerifier());
Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create()
.register("http", PlainConnectionSocketFactory.INSTANCE)
.register("https", sslConnectionSocketFactory)
.build();
PoolingHttpClientConnectionManager cm = new PoolingHttpClientConnectionManager(socketFactoryRegistry);
httpclient = HttpClients.custom()
.setSSLSocketFactory(sslConnectionSocketFactory)
.setConnectionManager(cm)
.build();
/////////////////
// Send POST
/////////////////
HttpPost httppost = new HttpPost('/mypath');
ByteArrayEntity postDataEntity = new ByteArrayEntity(postData.getBytes());
httpPost.setEntity(postDataEntity);
CloseableHttpResponse response = httpclient.execute(target, httpPost);
/////////////////
// Get RESPONSE
/////////////////
try
HttpEntity entity = response.getEntity();
result = EntityUtils.toString(entity);
EntityUtils.consume(entity);
finally
response.close();
【讨论】:
如果提供到所需 jars/依赖项的链接会更好以上是关于使用 apache httpClient 客户端在没有 ssl 证书验证的情况下将发布数据发送到 https的主要内容,如果未能解决你的问题,请参考以下文章
工具篇:apache-httpClient 和 jdk11-HttpClient的使用
使用 apache httpClient 客户端在没有 ssl 证书验证的情况下将发布数据发送到 https
使用 Java 和 apache HttpClient 的 Apache Shiro authcBasic 身份验证
java 使用apache httpClient客户端将发布数据发送到https而不使用ssl证书验证