67,513
社区成员
发帖
与我相关
我的任务
分享工商银行网银查询接口开发问题
我用工商银行提供的商户pfx格式证书可以通过浏览器与https://corporbank.icbc.com.cn/servlet/ICBCINBSEBusinessServlet建立连接并按照指定格式提交表单得到返回数据,但用java编写时SSLSocket却无法握手成功,我把pfx导入到浏览器再导出成cer,然后用keytool导入到一个生成的证书库tomcat.keystore中,但通过以下代码却无法成功,host是我ping corporbank.icbc.com.cn得来的。请各位高手指点迷津。
//server socket's ip and port
//https://corporbank.icbc.com.cn/servlet/ICBCINBSEBusinessServlet
String host="60.247.99.4";
int port=80;
//keystore path and password
String keystore = "D:\\tomcat.keystore";
String pass="12345678";
//set up a connection
SSLSocketFactory ssf=null;
try
{
//init context
SSLContext ctx=SSLContext.getInstance("TLS");
KeyManagerFactory kmf=KeyManagerFactory.getInstance("SunX509");
TrustManagerFactory tmf=TrustManagerFactory.getInstance("SunX509");
KeyStore ks=KeyStore.getInstance("JKS");
KeyStore tks=KeyStore.getInstance("JKS");
//load keystore
ks.load(new FileInputStream(keystore),pass.toCharArray());
tks.load(new FileInputStream(keystore),pass.toCharArray());
kmf.init(ks,pass.toCharArray());
tmf.init(tks);
ctx.init(kmf.getKeyManagers(),tmf.getTrustManagers(),new SecureRandom());
System.out.println("load keystore success.");
ssf=ctx.getSocketFactory();
//create socket
socket=(SSLSocket)ssf.createSocket(host,port);
System.out.println("create socket success.");
socket.setSoTimeout(3000);
String[] protocols = socket.getEnabledProtocols();
for (int i = 0; i < protocols.length; i++) {
System.out.println(protocols[i]);
}
socket.setEnabledProtocols(new String[]{"TLSv1"});
//handshake 总是在这里报Read timed out
socket.startHandshake();
System.out.println("handshake success.");
}catch(Exception e)
{
System.out.println("establish connection error.");
e.printStackTrace();
return;
}
...全文
请发表友善的回复…
发表回复
zyy8710204 2012-08-06
- 打赏
- 举报
公司也让我做一个连接工商的 我是新手还请多指点
shuzuowork2 2011-08-24
- 打赏
- 举报
学习了!
lasoft 2010-09-29
- 打赏
- 举报
zl3450341 2009-12-23
- 打赏
- 举报
哦
学习了
学习了
xiaohhys 2009-12-23
- 打赏
- 举报
那不是可以开发出来黑别人的money?
sean1203 2009-12-23
- 打赏
- 举报
mark
叶涛网站推广优化 2009-12-23
- 打赏
- 举报
tomatozq 结贴哈
loveeqing 2009-12-23
- 打赏
- 举报
错了,我是指不是.net写法
loveeqing 2009-12-23
- 打赏
- 举报
[Quote=引用 9 楼 tomatozq 的回复:]
自己参考别人的搞定了,由于服务器端证书验证失败,所有信任所有证书^o^。
Java code/**
* 所有主机默认通过*/privatestatic HostnameVerifier hnv=new HostnameVerifier() {publicboolean verify(String hostname, SSLSession session) {returntrue;
}
};/**
* 关键在这信任所有证书*/privatestatic TrustManager[] trustAllCerts=new TrustManager[] {new X509TrustManager() {public X509Certificate[] getAcceptedIssuers() {returnnull;
}publicvoid checkServerTrusted(X509Certificate[] certs, String authType) {return;
}publicvoid checkClientTrusted(X509Certificate[] certs, String authType) {return;
}
}//X509TrustManager };//TrustManager[]
String keyf="F:\\test.pfx";
String pass="12345678";//set up a connection SSLSocketFactory ssf=null;
PrintWriter out=null;
BufferedReader in=null;
String result="";try
{//init context SSLContext ctx=SSLContext.getInstance("TLS");
KeyManagerFactory kmf=KeyManagerFactory.getInstance("SunX509");
TrustManagerFactory tmf=TrustManagerFactory.getInstance("SunX509");
KeyStore ks=KeyStore.getInstance("PKCS12");//load keystore ks.load(new FileInputStream(keyf),pass.toCharArray());
kmf.init(ks,pass.toCharArray());
ctx.init(kmf.getKeyManagers(),trustAllCerts,null);
System.out.println("load keystore success.");
ssf=ctx.getSocketFactory();
HttpsURLConnection.setDefaultSSLSocketFactory(ssf);
HttpsURLConnection.setDefaultHostnameVerifier(hnv);
URL realUrl=new URL(url);//打开和URL之间的连接 HttpsURLConnection conn= (HttpsURLConnection) realUrl.openConnection();//设置通用的请求属性 conn.setRequestProperty("accept","*/*");
conn.setRequestProperty("connection","Keep-Alive");
conn.setRequestProperty("user-agent","Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)");//发送POST请求必须设置如下两行 conn.setDoOutput(true);
conn.setDoInput(true);//获取URLConnection对象对应的输出流 out=new PrintWriter(conn.getOutputStream());//发送请求参数 out.print(param);//flush输出流的缓冲 out.flush();//定义BufferedReader输入流来读取URL的响应 in=new BufferedReader(new InputStreamReader(conn.getInputStream()));
String line;while ((line= in.readLine())!=null)
{
result+="\n"+ line;
}
}catch(Exception e)
{
System.out.println("发送POST请求出现异常!"+ e);
e.printStackTrace();
}//使用finally块来关闭输出流、输入流finally
{try
{if (out!=null)
{
out.close();
}if (in!=null)
{
in.close();
}
}catch (IOException ex)
{
ex.printStackTrace();
}
}
[/Quote]
这段代码我见过,但是好象不是webform的写法?
自己参考别人的搞定了,由于服务器端证书验证失败,所有信任所有证书^o^。
Java code/**
* 所有主机默认通过*/privatestatic HostnameVerifier hnv=new HostnameVerifier() {publicboolean verify(String hostname, SSLSession session) {returntrue;
}
};/**
* 关键在这信任所有证书*/privatestatic TrustManager[] trustAllCerts=new TrustManager[] {new X509TrustManager() {public X509Certificate[] getAcceptedIssuers() {returnnull;
}publicvoid checkServerTrusted(X509Certificate[] certs, String authType) {return;
}publicvoid checkClientTrusted(X509Certificate[] certs, String authType) {return;
}
}//X509TrustManager };//TrustManager[]
String keyf="F:\\test.pfx";
String pass="12345678";//set up a connection SSLSocketFactory ssf=null;
PrintWriter out=null;
BufferedReader in=null;
String result="";try
{//init context SSLContext ctx=SSLContext.getInstance("TLS");
KeyManagerFactory kmf=KeyManagerFactory.getInstance("SunX509");
TrustManagerFactory tmf=TrustManagerFactory.getInstance("SunX509");
KeyStore ks=KeyStore.getInstance("PKCS12");//load keystore ks.load(new FileInputStream(keyf),pass.toCharArray());
kmf.init(ks,pass.toCharArray());
ctx.init(kmf.getKeyManagers(),trustAllCerts,null);
System.out.println("load keystore success.");
ssf=ctx.getSocketFactory();
HttpsURLConnection.setDefaultSSLSocketFactory(ssf);
HttpsURLConnection.setDefaultHostnameVerifier(hnv);
URL realUrl=new URL(url);//打开和URL之间的连接 HttpsURLConnection conn= (HttpsURLConnection) realUrl.openConnection();//设置通用的请求属性 conn.setRequestProperty("accept","*/*");
conn.setRequestProperty("connection","Keep-Alive");
conn.setRequestProperty("user-agent","Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)");//发送POST请求必须设置如下两行 conn.setDoOutput(true);
conn.setDoInput(true);//获取URLConnection对象对应的输出流 out=new PrintWriter(conn.getOutputStream());//发送请求参数 out.print(param);//flush输出流的缓冲 out.flush();//定义BufferedReader输入流来读取URL的响应 in=new BufferedReader(new InputStreamReader(conn.getInputStream()));
String line;while ((line= in.readLine())!=null)
{
result+="\n"+ line;
}
}catch(Exception e)
{
System.out.println("发送POST请求出现异常!"+ e);
e.printStackTrace();
}//使用finally块来关闭输出流、输入流finally
{try
{if (out!=null)
{
out.close();
}if (in!=null)
{
in.close();
}
}catch (IOException ex)
{
ex.printStackTrace();
}
}
[/Quote]
这段代码我见过,但是好象不是webform的写法?
swandragon 2009-10-23
- 打赏
- 举报
不知道,帮顶
tomatozq 2009-10-23
- 打赏
- 举报
自己参考别人的搞定了,由于服务器端证书验证失败,所有信任所有证书^o^。
/**
* 所有主机默认通过
*/
private static HostnameVerifier hnv = new HostnameVerifier() {
public boolean verify(String hostname, SSLSession session) {
return true;
}
};
/**
* 关键在这信任所有证书
*/
private static TrustManager[] trustAllCerts = new TrustManager[] {
new X509TrustManager() {
public X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkServerTrusted(X509Certificate[] certs, String authType) {
return;
}
public void checkClientTrusted(X509Certificate[] certs, String authType) {
return;
}
}//X509TrustManager
};//TrustManager[]
String keyf="F:\\test.pfx";
String pass="12345678";
//set up a connection
SSLSocketFactory ssf=null;
PrintWriter out = null;
BufferedReader in = null;
String result = "";
try
{
//init context
SSLContext ctx=SSLContext.getInstance("TLS");
KeyManagerFactory kmf=KeyManagerFactory.getInstance("SunX509");
TrustManagerFactory tmf=TrustManagerFactory.getInstance("SunX509");
KeyStore ks=KeyStore.getInstance("PKCS12");
//load keystore
ks.load(new FileInputStream(keyf),pass.toCharArray());
kmf.init(ks,pass.toCharArray());
ctx.init(kmf.getKeyManagers(),trustAllCerts,null);
System.out.println("load keystore success.");
ssf=ctx.getSocketFactory();
HttpsURLConnection.setDefaultSSLSocketFactory(ssf);
HttpsURLConnection.setDefaultHostnameVerifier(hnv);
URL realUrl = new URL(url);
//打开和URL之间的连接
HttpsURLConnection conn = (HttpsURLConnection) realUrl.openConnection();
//设置通用的请求属性
conn.setRequestProperty("accept", "*/*");
conn.setRequestProperty("connection", "Keep-Alive");
conn.setRequestProperty("user-agent","Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)");
//发送POST请求必须设置如下两行
conn.setDoOutput(true);
conn.setDoInput(true);
//获取URLConnection对象对应的输出流
out = new PrintWriter(conn.getOutputStream());
//发送请求参数
out.print(param);
//flush输出流的缓冲
out.flush();
//定义BufferedReader输入流来读取URL的响应
in = new BufferedReader(
new InputStreamReader(conn.getInputStream()));
String line;
while ((line = in.readLine())!= null)
{
result += "\n" + line;
}
}
catch(Exception e)
{
System.out.println("发送POST请求出现异常!" + e);
e.printStackTrace();
}
//使用finally块来关闭输出流、输入流
finally
{
try
{
if (out != null)
{
out.close();
}
if (in != null)
{
in.close();
}
}
catch (IOException ex)
{
ex.printStackTrace();
}
}
owen_008 2009-10-23
- 打赏
- 举报
很强啊~~加油~~
steel1985 2009-10-23
- 打赏
- 举报
没做过
menjianguo 2009-10-23
- 打赏
- 举报
没用过,
关注中
关注中
coolbamboo2008 2009-10-23
- 打赏
- 举报
帮顶,网银系统估计做的人少吧,楼主还是尽量阅读文档
springbird 2009-10-23
- 打赏
- 举报
不懂,帮顶
lzh_me 2009-10-23
- 打赏
- 举报
不懂。
学习...
学习...
阿士匹灵 2009-10-23
- 打赏
- 举报
路过
学习
学习
newleague 2009-10-23
- 打赏
- 举报
帮顶了
youjianbo_han_87 2009-10-23
- 打赏
- 举报
工行的东西一项很烂,鄙视,你看看他们的网银做的。真他妈的烂。
