?
Android 前端与 Java Web 后台如何进行双向 SSL 交互?
?
1、创建后台密钥(serverKey.jks)和android前端密钥(clientKey.bks),同样再创建后台信任库(serverTrust.jks)和android前端信任库(clientTrust.bks)。
?
2、将后台密钥库中的证书导出为 server.cer,将前端密钥库中的证书导出为 client.cer(只导出证书,私钥不离开各自的密钥库);再将 server.cer 导入前端信任库 clientTrust.bks,将 client.cer 导入后台信任库 serverTrust.jks,使前后端互相信任(双向)。
?
3、在后台 WebLogic 服务器中配置 SSL(具体步骤可自行搜索);要实现双向认证,需要在服务器端要求并强制校验客户端证书,否则只是单向 SSL。
?
?
4、前端android请求,部分代码如下:
?
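/**
 * HTTPS client transport for two-way (mutual) TLS.
 *
 * <p>The client presents the certificate held in its identity key store and accepts only
 * servers whose certificate chain validates against its own trust store. Request and
 * response bodies are XML encoded as GBK.
 */
public final class SSLTransport {

    /** Character set used to encode the request body and decode the response body. */
    private static final String CHARSET = "GBK";

    /**
     * Socket factory built on first use and reused afterwards.
     * NOTE(review): once set, it is returned for every later call even if a different
     * SSLConfig is passed in; confirm that a single configuration per instance is intended.
     */
    private SSLSocketFactory sslSocketFactory = null;

    /**
     * Posts an XML request over HTTPS with client-certificate authentication and returns
     * the response body.
     *
     * @param requestUrl the https URL of the service.
     * @param sid        service request id written into the packet head before sending.
     * @param xml        request XML in packet form.
     * @param sslConfig  protocol, algorithm, key store and trust store settings.
     * @return the trimmed response body, or {@code null} when the status is not 200.
     * @throws Exception if the URL is not https, the TLS setup fails, or I/O fails.
     */
    public String sendAndReceive(String requestUrl, String sid, String xml, SSLConfig sslConfig) throws Exception {
        String returnXml = null;
        HttpsURLConnection connection = null;
        try {
            // NOTE(review): presumably a leftover from early JSSE setups; javax.net.ssl holds
            // no protocol handler classes, so this property looks unnecessary. Confirm before
            // removing it.
            System.setProperty("java.protocol.handler.pkgs", "javax.net.ssl");

            URL url = new URL(requestUrl);
            if (!"https".equalsIgnoreCase(url.getProtocol())) {
                // Fail with a clear message instead of a ClassCastException on the cast below.
                throw new IllegalArgumentException("requestUrl must use https: " + requestUrl);
            }

            // Build the payload before touching the network so a malformed packet fails early.
            String payload = repairRacketXml(sid, xml);

            connection = (HttpsURLConnection) url.openConnection();

            // No custom HostnameVerifier is installed. The earlier version registered a
            // process-wide default verifier that compared the URL host with
            // SSLSession.getPeerHost(); that value is not authenticated, so the comparison
            // never tied the connection to the names in the server certificate, and the
            // global default also applied to every other HttpsURLConnection in the process.
            // The platform's default verification is used instead, so the server certificate
            // must list the host name or IP address that appears in requestUrl.

            connection.setRequestMethod("POST");
            connection.setRequestProperty("Content-Type", "text/xml;charset=GBK");
            connection.setRequestProperty("User-Agent", "Mozilla/4.0 (compatible; FIREFOX 3.6; IBM AIX 5)");
            connection.setConnectTimeout(10 * 1000);
            // NOTE(review): only the connect timeout is set; a server that accepts the
            // connection and then stalls blocks this call. Consider a read timeout as well.
            connection.setDoOutput(true);
            connection.setDoInput(true);
            connection.setSSLSocketFactory(getSSLSocketFactory(sslConfig));
            connection.connect();

            writeStringToStream(connection.getOutputStream(), payload);
            if (HttpsURLConnection.HTTP_OK == connection.getResponseCode()) {
                returnXml = readStringFromStream(connection.getInputStream());
            }
        } finally {
            if (connection != null) {
                connection.disconnect();
            }
        }
        return returnXml;
    }

    /**
     * Builds the SSLSocketFactory used for mutual TLS.
     *
     * <p>The identity key store supplies the client certificate and private key; the trust
     * store supplies the certificates the client accepts from the server.
     *
     * @param sslConfig the SSL settings and key/trust store streams.
     * @return the cached factory if one exists, otherwise a newly built one.
     * @throws Exception if a key store cannot be loaded or the context cannot be initialised.
     */
    private SSLSocketFactory getSSLSocketFactory(SSLConfig sslConfig) throws Exception {
        // Fetch each stream exactly once so the stream that is loaded is the one that is closed.
        InputStream identityStream = null;
        InputStream trustStream = null;
        try {
            identityStream = sslConfig.getIdentityStoreStream();
            trustStream = sslConfig.getTrustStoreStream();

            // NOTE(review): the protocol name comes from SSLConfig; confirm it names a current
            // TLS version (for example "TLSv1.2") rather than a legacy SSL value.
            SSLContext sslContext = SSLContext.getInstance(sslConfig.getProtocol());

            // The same algorithm name is used for the key manager and the trust manager factory.
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(sslConfig.getAlgorithm());
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(sslConfig.getAlgorithm());

            // Identity store: the client's private key and certificate.
            char[] identityPassword = sslConfig.getIdentityStorePassword().toCharArray();
            KeyStore keyStore = KeyStore.getInstance(sslConfig.getStoreType());
            keyStore.load(identityStream, identityPassword);

            // Trust store: the server certificates this client accepts.
            KeyStore trustKeyStore = KeyStore.getInstance(sslConfig.getStoreType());
            trustKeyStore.load(trustStream, sslConfig.getTrustStorePassword().toCharArray());

            keyManagerFactory.init(keyStore, identityPassword);
            trustManagerFactory.init(trustKeyStore);

            // A null SecureRandom selects the provider's default source of randomness.
            sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);

            if (sslSocketFactory == null) {
                sslSocketFactory = sslContext.getSocketFactory();
            }
            return sslSocketFactory;
        } finally {
            // Close both streams even when loading fails part-way through.
            try {
                if (identityStream != null) {
                    identityStream.close();
                }
            } finally {
                if (trustStream != null) {
                    trustStream.close();
                }
            }
        }
    }

    /**
     * Reads the whole stream as GBK text and closes it.
     *
     * <p>Lines are concatenated without their line terminators and the result is trimmed.
     *
     * @param is the response stream.
     * @return the response text.
     * @throws Exception if reading fails; the original exception is propagated unwrapped.
     */
    private String readStringFromStream(InputStream is) throws Exception {
        StringBuilder text = new StringBuilder();
        BufferedReader reader = null;
        try {
            reader = new BufferedReader(new InputStreamReader(is, CHARSET));
            String line;
            while ((line = reader.readLine()) != null) {
                text.append(line);
            }
        } finally {
            if (reader != null) {
                // Closing the reader also closes the wrapped stream.
                reader.close();
            } else if (is != null) {
                // The reader was never created (for example, unsupported charset).
                is.close();
            }
        }
        return text.toString().trim();
    }

    /**
     * Writes the XML string to the stream as GBK and closes the stream.
     *
     * @param os  the request body stream.
     * @param xml the XML to send.
     * @throws Exception if writing fails; the original exception is propagated unwrapped.
     */
    private void writeStringToStream(OutputStream os, String xml) throws Exception {
        OutputStreamWriter writer = null;
        try {
            writer = new OutputStreamWriter(os, CHARSET);
            writer.write(xml);
            writer.flush();
        } finally {
            if (writer != null) {
                // Closing the writer also closes the wrapped stream.
                writer.close();
            } else if (os != null) {
                os.close();
            }
        }
    }

    /**
     * Parses the packet-form XML, sets the service handler to the given request id and
     * serialises the packet again.
     *
     * @param sid service request id.
     * @param xml request XML.
     * @return the packet as a string after the handler has been set.
     * @throws Exception if the XML cannot be parsed.
     */
    private String repairRacketXml(String sid, String xml) throws Exception {
        // NOTE(review): PacketParser is not shown here; if xml can come from an untrusted
        // source, confirm that the parser disables DTDs and external entities.
        Packet packet = PacketParser.parse(xml);
        packet.getHead().getService().setHandler(sid);
        return packet.toString();
    }
}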