? ? ?版權聲明：本文為博主原創文章，未經博主允許不得轉載。如需轉載請聲明：【轉自 http://blog.csdn.net/xiaoxian8023 】 ? ? ?上篇文章說道httpclient不能直接訪問https的資源，這次就來模擬一下環境，然后配置https測試一下。在前面的文章中，分享了一篇自己生成并在tomcat中配置ssl的文章《[Tomcat配置SSL](http://blog.csdn.net/xiaoxian8023/article/details/49619777)》，大家可以據此來在本地配置https。我已經配置好了，效果是這樣滴：  ? ? ?可以看到已經信任該證書（顯示淺綠色小鎖），瀏覽器可以正常訪問。現在我們用代碼測試一下： ~~~ public static void main(String[] args) throws ParseException, IOException, KeyManagementException, NoSuchAlgorithmException, HttpProcessException { String url = "https://sso.tgb.com:8443/cas/login"; String body = send(url, null, "utf-8"); System.out.println("交易響應結果："); System.out.println(body); System.out.println("-----------------------------------"); } ~~~  ? ? ?發現拋出了異常，我知道的有兩種方案（也許還有我不知道的方案），這里介紹第一種方案，也是用的比較多的方案——繞過證書驗證。直接看代碼吧： ~~~ /** * 繞過驗證 * * @return * @throws NoSuchAlgorithmException * @throws KeyManagementException */ public static SSLContext createIgnoreVerifySSL() throws NoSuchAlgorithmException, KeyManagementException { SSLContext sc = SSLContext.getInstance("SSLv3"); // 實現一個X509TrustManager接口，用于繞過驗證，不用修改里面的方法 X509TrustManager trustManager = new X509TrustManager() { @Override public void checkClientTrusted( java.security.cert.X509Certificate[] paramArrayOfX509Certificate, String paramString) throws CertificateException { } @Override public void checkServerTrusted( java.security.cert.X509Certificate[] paramArrayOfX509Certificate, String paramString) throws CertificateException { } @Override public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; } }; sc.init(null, new TrustManager[] { trustManager }, null); return sc; } ~~~ ? ? ?然后修改原來的send方法： ~~~ /** * 模擬請求 * * @param url 資源地址 * @param map 參數列表 * @param encoding 編碼 * @return * @throws NoSuchAlgorithmException * @throws KeyManagementException * @throws IOException * @throws ClientProtocolException */ public static String send(String url, Map<String,String> map,String encoding) throws KeyManagementException, NoSuchAlgorithmException, ClientProtocolException, IOException { String body = ""; //采用繞過驗證的方式處理https請求 SSLContext sslcontext = createIgnoreVerifySSL(); // 設置協議http和https對應的處理socket鏈接工廠的對象 Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create() .register("http", PlainConnectionSocketFactory.INSTANCE) .register("https", new SSLConnectionSocketFactory(sslcontext)) .build(); PoolingHttpClientConnectionManager connManager = new PoolingHttpClientConnectionManager(socketFactoryRegistry); HttpClients.custom().setConnectionManager(connManager); //創建自定義的httpclient對象 CloseableHttpClient client = HttpClients.custom().setConnectionManager(connManager).build(); // CloseableHttpClient client = HttpClients.createDefault(); //創建post方式請求對象 HttpPost httpPost = new HttpPost(url); //裝填參數 List<NameValuePair> nvps = new ArrayList<NameValuePair>(); if(map!=null){ for (Entry<String, String> entry : map.entrySet()) { nvps.add(new BasicNameValuePair(entry.getKey(), entry.getValue())); } } //設置參數到請求對象中 httpPost.setEntity(new UrlEncodedFormEntity(nvps, encoding)); System.out.println("請求地址："+url); System.out.println("請求參數："+nvps.toString()); //設置header信息 //指定報文頭【Content-type】、【User-Agent】 httpPost.setHeader("Content-type", "application/x-www-form-urlencoded"); httpPost.setHeader("User-Agent", "Mozilla/4.0 (compatible; MSIE 5.0; Windows NT; DigExt)"); //執行請求操作，并拿到結果（同步阻塞） CloseableHttpResponse response = client.execute(httpPost); //獲取結果實體 HttpEntity entity = response.getEntity(); if (entity != null) { //按指定編碼轉換結果實體為String類型 body = EntityUtils.toString(entity, encoding); } EntityUtils.consume(entity); //釋放鏈接 response.close(); return body; } ~~~ ? ? ?現在再進行測試，發現果然通了。  ? ? ?下篇介紹另一種方案，應對自己生成的證書，敬請期待。