HTTP Client是一个客户端HTTP协议的类库
1、首先是下载APACHE HTTP CLIENT相关的JAR,目前我引入到工程中的相关文件时:
httpclient-4.0.3.jar
httpcore-4.0.1.jar
httpmime-4.0.3.jar
commons-codec-1.4.jar
commons-logging-1.1.1.jar
JAR包之前的引用关系在README等相关说明中已有。
2、下载并运行TOMCAT,我下载的是TOMCAT6(对应的是JDK5),主要注意的是需要配置CATALINA_HOME这个环境变量。
3、制作服务器端证书,下面是我一个示例:
C:\Documents and Settings\dingjunxing>keytool -genkey -alias tomcat3 -keystore F
:\eclipse\workspace\httpc\tomcat3.keystore
输入keystore密码: 123456
您的名字与姓氏是什么?
[Unknown]: localhost
您的组织单位名称是什么?
[Unknown]: sz
您的组织名称是什么?
[Unknown]: sz
您所在的城市或区域名称是什么?
[Unknown]: shenzhen
您所在的州或省份名称是什么?
[Unknown]: guangdong
该单位的两字母国家代码是什么
[Unknown]: cn
CN=localhost, OU=sz, O=sz, L=shenzhen, ST=guangdong, C=cn 正确吗?
[否]: y
输入<tomcat3>的主密码
(如果和 keystore 密码相同,按回车): 123456
4、根据服务器证书导出客户端证书,有两种方式,一种为采用IE,下面提供一个利用KEY TOOL导出的方式:
keytool -export -file tomcat3.cert -alias tomcat3 -keystore F:\eclipse\workspace\httpc\tomcat3.keystore
注意:上面命令行必须进入到%java_home%/jre/lib/security中。
5、将获取到的客户端证书导入:
C:\Program Files\Java\jdk1.5.0_15\jre\lib\security>keytool -import -keystore cac
erts -file F:\eclipse\workspace\httpc\tomcat3.cert
输入keystore密码: 123456
Owner: CN=localhost, OU=sz, O=sz, L=shenzhen, ST=guangdong, C=cn
发照者: CN=localhost, OU=sz, O=sz, L=shenzhen, ST=guangdong, C=cn
序号: 4cc55438
有效期间: Mon Oct 25 17:56:08 CST 2010 至: Sun Jan 23 17:56:08 CST 2011
认证指纹:
MD5: E4:2E:BE:AC:A1:5D:E0:95:C7:95:93:BF:B3:F3:EE:5E
SHA1: F8:9A:BB:FA:C8:C5:8A:D2:FA:98:A1:95:64:65:42:9A:8F:0B:4A:7D
信任这个认证? [否]: y
认证已添加至keystore中
6、TOMCAT中相关设置,主要是修改CATALINA_HOME下的conf/server.xml,在其中添加如下一个连接器:
<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" keystoreFile="F:\eclipse\workspace\httpc\tomcat3.keystore" keystorePass="123456"/>
7、运行相关代码:
package org.apache.http.examples.client;
import java.io.File;
import java.io.FileInputStream;
import java.security.KeyStore;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.impl.client.DefaultHttpClient;
/**
* This example demonstrates how to create secure connections with a custom SSL
* context.
*/
public class ClientCustomSSL {
public static void main(String[] args) throws Exception {
DefaultHttpClient httpclient = new DefaultHttpClient();
KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
FileInputStream instream = new FileInputStream(new File("tomcat3.keystore"));
try {
trustStore.load(instream, "123456".toCharArray());
} finally {
instream.close();
}
SSLSocketFactory socketFactory = new SSLSocketFactory(trustStore);
Scheme sch = new Scheme("https", socketFactory, 8443);
httpclient.getConnectionManager().getSchemeRegistry().register(sch);
HttpGet httpget = new HttpGet("https://localhost:8443/docs");
System.out.println("executing request" + httpget.getRequestLine());
HttpResponse response = httpclient.execute(httpget);
HttpEntity entity = response.getEntity();
System.out.println("----------------------------------------");
System.out.println(response.getStatusLine());
if (entity != null) {
System.out.println("Response content length: " + entity.getContentLength());
}
if (entity != null) {
entity.consumeContent();
}
// When HttpClient instance is no longer needed,
// shut down the connection manager to ensure
// immediate deallocation of all system resources
httpclient.getConnectionManager().shutdown();
}
}
运行结果正常,当然也可以通过在浏览器中输入“https://localhost:8443/”的方式进行访问。