Https与Http类似，只不过Https一般是通过post请求服务器，但是Https与http不同的是Https与服务器会话是处于连接状态。http则发送请求后连接就会断开。

另外使用HttpsURLConnection时需要实现HostnameVerifier 和 X509TrustManager，这两个实现是必须的，要不会报安全验证异常。

package cn.yws.httpstest;import java.io.BufferedReader;import java.io.ByteArrayOutputStream;import java.io.InputStream;import java.io.InputStreamReader;import java.math.BigInteger;import java.net.URL;import java.security.Principal;import java.security.cert.CertificateException;import java.security.cert.X509Certificate;import java.util.ArrayList;import java.util.List;import java.util.Map;import javax.net.ssl.HostnameVerifier;import javax.net.ssl.HttpsURLConnection;import javax.net.ssl.SSLContext;import javax.net.ssl.SSLSession;import javax.net.ssl.TrustManager;import javax.net.ssl.X509TrustManager;import org.apache.http.HttpResponse;import org.apache.http.HttpStatus;import org.apache.http.NameValuePair;import org.apache.http.client.HttpClient;import org.apache.http.client.entity.UrlEncodedFormEntity;import org.apache.http.client.methods.HttpPost;import org.apache.http.message.BasicNameValuePair;import org.apache.http.params.CoreConnectionPNames;import android.app.Activity;import android.os.Bundle;import android.os.Handler;import android.os.Message;import android.util.Log;import android.view.View;import android.view.View.OnClickListener;import android.widget.EditText;public class MainActivity extends Activity {private static final String tag = MainActivity.class.getSimpleName();private EditText editText1;private Handler handler=new Handler(new Handler.Callback() {@Overridepublic boolean handleMessage(Message msg) {switch (msg.what) {case 10:{String html=(String) msg.obj;//子线程不能直接操作editText1editText1.setText(html);}break;default:break;}return false;}});@Overrideprotected void onCreate(Bundle savedInstanceState) {super.onCreate(savedInstanceState);setContentView(R.layout.activity_main);View button = this.findViewById(R.id.button);editText1=(EditText) findViewById(R.id.editText1);button.setOnClickListener(new OnClickListener(){@Overridepublic void onClick(View v) {onclick();}});}//方法一使用HttpsURLConnectionpublic void GetHttpsPost(String urlPath) throws Exception{URL url = new URL(urlPath);SSLContext sslctxt = SSLContext.getInstance("TLS");sslctxt.init(null, new TrustManager[]{new MyX509TrustManager()}, new java.security.SecureRandom());HttpsURLConnection conn = (HttpsURLConnection)url.openConnection();//多了两个conn.setSSLSocketFactory(sslctxt.getSocketFactory());conn.setHostnameVerifier(new MyHostnameVerifier());conn.connect();int respCode = conn.getResponseCode();Log.d(tag, "ResponseCode="+respCode);InputStream input = conn.getInputStream();String result = toString(input);//Log.d(tag, "result:"+result);Message msg=Message.obtain();msg.what=10;msg.obj=result;handler.sendMessage(msg);//子线程不能直接操作editText1//editText1.setText(result);input.close();conn.disconnect();}private String toString(InputStream input){String content = null;try{InputStreamReader ir = new InputStreamReader(input);BufferedReader br = new BufferedReader(ir);StringBuilder sbuff = new StringBuilder();while(null != br){String temp = br.readLine();if(null == temp)break;sbuff.append(temp).append(System.getProperty("line.separator"));}content = sbuff.toString();}catch(Exception e){e.printStackTrace();}return content;}public void runHttpsClient(View view){String path="https://login.taobao.com/member/login.jhtml?spm=1.6659421.754894437.1.2pSgMy&f=top&redirectURL=http%3A%2F%2Fwww.taobao.com%2F";String html;try {html = sendHttpsClientPOSTRequest(path, null, "GBK");Message msg=Message.obtain();msg.what=10;msg.obj=html;handler.sendMessage(msg);} catch (Exception e) {e.printStackTrace();}}public static String sendHttpsClientPOSTRequest(String path, Map params, String encoding) throws Exception{List pairs = new ArrayList();//存放请求参数if(params!=null && !params.isEmpty()){for(Map.Entry entry : params.entrySet()){pairs.add(new BasicNameValuePair(entry.getKey(), entry.getValue()));}}UrlEncodedFormEntity entity = new UrlEncodedFormEntity(pairs, encoding);HttpPost httpPost = new HttpPost(path);   httpPost.setEntity(entity);HttpClient client = HttpClientHelper.getHttpClient();client.getParams().setParameter(CoreConnectionPNames.CONNECTION_TIMEOUT, 5*1000);HttpResponse response = client.execute(httpPost);if (response.getStatusLine().getStatusCode() == HttpStatus.SC_OK) {                    }return new String(readStream(response.getEntity().getContent()),encoding);}public static byte[] readStream(InputStream inStream) throws Exception {ByteArrayOutputStream outSteam = new ByteArrayOutputStream();byte[] buffer = new byte[1024];int len = -1;while ((len = inStream.read(buffer)) != -1) {outSteam.write(buffer, 0, len);}outSteam.close();inStream.close();return outSteam.toByteArray();}private void onclick(){new Thread(new Runnable(){@Overridepublic void run() {try{String str = "https://www.oschina.net/home/login?goto_page=http%3A%2F%2Fwww.oschina.net%2F";//String str="https://login.taobao.com/member/login.jhtml?spm=1.6659421.754894437.1.2pSgMy&f=top&redirectURL=http%3A%2F%2Fwww.taobao.com%2F";GetHttpsPost(str);}catch(Exception e){e.printStackTrace();}}}).start();;}//要实现x209证书认证static class MyX509TrustManager implements X509TrustManager{@Overridepublic void checkClientTrusted(X509Certificate[] chain, String authType)throws CertificateException {if(null != chain){for(int k=0; k < chain.length; k++){X509Certificate cer = chain[k];print(cer);}}Log.d(tag, "check client trusted. authType="+authType);}@Overridepublic void checkServerTrusted(X509Certificate[] chain, String authType)throws CertificateException {if(null != chain){for(int k=0; k < chain.length; k++){X509Certificate cer = chain[k];print(cer);}}Log.d(tag, "check  servlet trusted. authType="+authType);//是否信任服务器 Principal principal = null; boolean isOK=false;             for(X509Certificate x509Certificate : chain){                     principal = x509Certificate.getSubjectDN();                     Log.d(tag, "principal.getName():"+principal.getName());                     if(principal != null &&(principal.getName().indexOf("www.oschina.net")!=-1)){                                               isOK=true;                          break;                          //return ;                     }                                 }             if(isOK==false){             Log.d(tag, "访问非法域名");             return ;             }}@Overridepublic X509Certificate[] getAcceptedIssuers() {Log.d(tag, "get acceptedissuer");return null;}private void print(X509Certificate cer){int version = cer.getVersion();String sinname = cer.getSigAlgName();String type = cer.getType();String algorname = cer.getPublicKey().getAlgorithm();BigInteger serialnum = cer.getSerialNumber();Principal principal = cer.getIssuerDN();String principalname = principal.getName();Log.d(tag, "version="+version+", sinname="+sinname+", type="+type+", algorname="+algorname+", serialnum="+serialnum+", principalname="+principalname);}}//要实现主机名验证static class MyHostnameVerifier implements HostnameVerifier{@Overridepublic boolean verify(String hostname, SSLSession session) {Log.d(tag, "hostname="+hostname+",PeerHost= "+session.getPeerHost());return true;}}}

package cn.yws.httpstest;import java.io.IOException;import java.net.Socket;import java.net.UnknownHostException;import java.security.KeyManagementException;import java.security.KeyStore;import java.security.KeyStoreException;import java.security.NoSuchAlgorithmException;import java.security.UnrecoverableKeyException;import javax.net.ssl.SSLContext;import javax.net.ssl.TrustManager;import javax.net.ssl.X509TrustManager;import org.apache.http.HttpVersion;import org.apache.http.client.HttpClient;import org.apache.http.conn.ClientConnectionManager;import org.apache.http.conn.params.ConnManagerParams;import org.apache.http.conn.scheme.PlainSocketFactory;import org.apache.http.conn.scheme.Scheme;import org.apache.http.conn.scheme.SchemeRegistry;import org.apache.http.conn.ssl.SSLSocketFactory;import org.apache.http.impl.client.DefaultHttpClient;import org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager;import org.apache.http.params.BasicHttpParams;import org.apache.http.params.HttpConnectionParams;import org.apache.http.params.HttpParams;import org.apache.http.params.HttpProtocolParams;import org.apache.http.protocol.HTTP;//方法二、使用HttpClientpublic class HttpClientHelper {private static HttpClient httpClient;private HttpClientHelper() {}public static synchronized HttpClient getHttpClient() {if (null == httpClient) {// 初始化工作try {KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());trustStore.load(null, null);SSLSocketFactory sf = new SSLSocketFactoryEx(trustStore);sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);  //允许所有主机的验证HttpParams params = new BasicHttpParams();HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);HttpProtocolParams.setContentCharset(params,HTTP.DEFAULT_CONTENT_CHARSET);HttpProtocolParams.setUseExpectContinue(params, true);// 设置连接管理器的超时ConnManagerParams.setTimeout(params, 10000);// 设置连接超时HttpConnectionParams.setConnectionTimeout(params, 10000);// 设置socket超时HttpConnectionParams.setSoTimeout(params, 10000);// 设置http https支持SchemeRegistry schReg = new SchemeRegistry();schReg.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));schReg.register(new Scheme("https", sf, 443));ClientConnectionManager conManager = new ThreadSafeClientConnManager(params, schReg);httpClient = new DefaultHttpClient(conManager, params);} catch (Exception e) {e.printStackTrace();return new DefaultHttpClient();}}return httpClient;}}class SSLSocketFactoryEx extends SSLSocketFactory {SSLContext sslContext = SSLContext.getInstance("TLS");public SSLSocketFactoryEx(KeyStore truststore)throws NoSuchAlgorithmException, KeyManagementException,KeyStoreException, UnrecoverableKeyException {super(truststore);TrustManager tm = new X509TrustManager() {@Overridepublic java.security.cert.X509Certificate[] getAcceptedIssuers() {return null;}@Overridepublic void checkClientTrusted(java.security.cert.X509Certificate[] chain, String authType)throws java.security.cert.CertificateException {}@Overridepublic void checkServerTrusted(java.security.cert.X509Certificate[] chain, String authType)throws java.security.cert.CertificateException {}};sslContext.init(null, new TrustManager[] { tm }, null);}@Overridepublic Socket createSocket(Socket socket, String host, int port,boolean autoClose) throws IOException, UnknownHostException {return sslContext.getSocketFactory().createSocket(socket, host, port,autoClose);}@Overridepublic Socket createSocket() throws IOException {return sslContext.getSocketFactory().createSocket();}}

<?xml version="1.0" encoding="utf-8"?>                                                                                        

另外附上tomcat配置https双向认证文档。

http://download.csdn.net/detail/earbao/7120093

更多相关文章

1. SpringBoot 2.0 中 HikariCP 数据库连接池原理解析
2. Android中动画的详细讲解
3. Android(安卓)Widget ListView添加点击事件
4. 【Android(安卓)Developers Training】 86. 基于连接类型修改您
5. Android中的android:layout_weight使用详解
6. android 如何连真机测试
7. android eclipse环境搭建
8. Mac OS X下设置android NDK的环境（详细实测有图）
9. Android(安卓)SQLite 是否开启了 shared-cache 模式？

随机推荐

1. android SDK中打开AVD时提示PANIC: Could
2. Android蓝牙操作笔记
3. Android 使用反射机制获取或设置系统属性
4. Android 假期学习计划
5. Android开发历程_17(ContentProvider的使
6. Android UI新组件学习和使用
7. ImageView的android:scaleType各属性含义
8. Android(安卓)7.1.1 Toast引起的Crash
9. 使用Intent及Uri启动常用的应用与服务
10. 【Android笔记】Android的三种网络通信方