java.net.ConnectException:连接被拒绝:连接 HTTPS 连接
java.net.ConnectException: Connection refused: connect for HTTPS connections
我创建了这个 class 作为独立程序在 Eclipse 中执行,它可以毫无问题地连接所有 http URL(例如:http://whosebug.com), but when I try to connect to a https (e.g. https://en.wikipedia.org/wiki/HTTPS)是不可能的
public class TEST4 {
public static void main(String[] args) throws IOException {
System.setProperty("http.proxyHost", "147.67.217.33");
System.setProperty("http.proxyPort", "8022");
System.setProperty("https.proxyHost", "147.67.217.33");
System.setProperty("https.proxyPort", "8022");
Authenticator.setDefault(new Authenticator() {
@Override
protected PasswordAuthentication getPasswordAuthentication() {
return new PasswordAuthentication("pecador", "9ddjk69t".toCharArray());
}
});
URL url=new URL("https://en.wikipedia.org/wiki/HTTPS");
URLConnection uc = url.openConnection ();
String encoded = new String (base64Encode(new String("pecador:9ddjk69t")));
uc.setRequestProperty("Proxy-Authorization", "Basic " + encoded);
uc.connect();
BufferedReader in = new BufferedReader(new InputStreamReader(uc.getInputStream()));
String inputLine;
while ((inputLine = in.readLine()) != null)
System.out.println(inputLine);
in.close();
}
public static String userNamePasswordBase64(String username, String password) {
return "Basic " + base64Encode(username + ":" + password);
}
private final static char base64Array[] = { 'A', 'B', 'C', 'D', 'E', 'F',
'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S',
'T', 'U', 'V', 'W', 'X', 'Y', 'Z', 'a', 'b', 'c', 'd', 'e', 'f',
'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's',
't', 'u', 'v', 'w', 'x', 'y', 'z', '0', '1', '2', '3', '4', '5',
'6', '7', '8', '9', '+', '/' };
private static String base64Encode(String string) {
String encodedString = "";
byte bytes[] = string.getBytes();
int i = 0;
int pad = 0;
while (i < bytes.length) {
byte b1 = bytes[i++];
byte b2;
byte b3;
if (i >= bytes.length) {
b2 = 0;
b3 = 0;
pad = 2;
} else {
b2 = bytes[i++];
if (i >= bytes.length) {
b3 = 0;
pad = 1;
} else
b3 = bytes[i++];
}
byte c1 = (byte) (b1 >> 2);
byte c2 = (byte) (((b1 & 0x3) << 4) | (b2 >> 4));
byte c3 = (byte) (((b2 & 0xf) << 2) | (b3 >> 6));
byte c4 = (byte) (b3 & 0x3f);
encodedString += base64Array[c1];
encodedString += base64Array[c2];
switch (pad) {
case 0:
encodedString += base64Array[c3];
encodedString += base64Array[c4];
break;
case 1:
encodedString += base64Array[c3];
encodedString += "=";
break;
case 2:
encodedString += "==";
break;
}
}
return encodedString;
}
}
您需要设置https代理。在您的示例中,仅设置了 http 代理。也可以使用身份验证器设置用户名和密码。希望能够自动选择合适的方法。
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.net.Authenticator;
import java.net.PasswordAuthentication;
import java.net.URL;
import java.net.URLConnection;
public class Play {
public static void main(String[] args) throws IOException {
// Method 1 for Proxy
System.setProperty("http.proxyHost", "147.67.217.33");
System.setProperty("http.proxyPort", "8022");
System.setProperty("https.proxyHost", "147.67.217.33");
System.setProperty("https.proxyPort", "8022");
URL url=new URL("https://en.wikipedia.org/wiki/HTTPS");
URLConnection uc = url.openConnection();
Authenticator.setDefault(new Authenticator() {
@Override
protected PasswordAuthentication getPasswordAuthentication() {
return new PasswordAuthentication("pecador", "9ddjk69t".toCharArray());
}
});
uc.connect();
BufferedReader in = new BufferedReader(new InputStreamReader(uc.getInputStream()));
String inputLine;
while ((inputLine = in.readLine()) != null)
System.out.println(inputLine);
in.close();
}
}
[更新]
由于这仍然没有解决问题,我认为发生的事情是代理希望以纯文本方式进行协商,即使是请求用于代理 https 站点的用户名和密码。在某一时刻,客户端会期望数据通过 SSL 加密,而代理请求 BASIC 身份验证仍然是纯文本。我找到了一篇试图解决这个问题的旧文章:https tunneling。
另请参阅 this blog entry,因为它似乎是引用同一篇文章的有趣主题。
那里有很多 material 可以阅读学习,现在有点太多了,我无法掌握和重复。所以请原谅我直接让你参考那两个读物。像往常一样,我希望阅读您的经验,并希望您能成功。
[我永远的心愿]
代理和身份验证是企业环境的结构,我只是不明白为什么我们没有通过简单易用的 API 来正确处理。
不建议在生产环境中这样做,但您可以禁用 SSL 验证(例如:用于开发目的)。在使用 :
进行连接之前,将此代码添加到您的程序中
TrustManager[] trustAllCerts = new TrustManager[] {
new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
@Override
public void checkClientTrusted(X509Certificate[] arg0, String arg1)
throws CertificateException {}
@Override
public void checkServerTrusted(X509Certificate[] arg0, String arg1)
throws CertificateException {}
}
};
SSLContext sc=null;
try {
sc = SSLContext.getInstance("SSL");
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
try {
sc.init(null, trustAllCerts, new java.security.SecureRandom());
} catch (KeyManagementException e) {
e.printStackTrace();
}
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
// Create all-trusting host name verifier
HostnameVerifier validHosts = new HostnameVerifier() {
@Override
public boolean verify(String arg0, SSLSession arg1) {
return true;
}
};
// All hosts will be valid
HttpsURLConnection.setDefaultHostnameVerifier(validHosts);
在生产环境中,您必须在 JVM 上安装 SSL 证书。
我创建了这个 class 作为独立程序在 Eclipse 中执行,它可以毫无问题地连接所有 http URL(例如:http://whosebug.com), but when I try to connect to a https (e.g. https://en.wikipedia.org/wiki/HTTPS)是不可能的
public class TEST4 {
public static void main(String[] args) throws IOException {
System.setProperty("http.proxyHost", "147.67.217.33");
System.setProperty("http.proxyPort", "8022");
System.setProperty("https.proxyHost", "147.67.217.33");
System.setProperty("https.proxyPort", "8022");
Authenticator.setDefault(new Authenticator() {
@Override
protected PasswordAuthentication getPasswordAuthentication() {
return new PasswordAuthentication("pecador", "9ddjk69t".toCharArray());
}
});
URL url=new URL("https://en.wikipedia.org/wiki/HTTPS");
URLConnection uc = url.openConnection ();
String encoded = new String (base64Encode(new String("pecador:9ddjk69t")));
uc.setRequestProperty("Proxy-Authorization", "Basic " + encoded);
uc.connect();
BufferedReader in = new BufferedReader(new InputStreamReader(uc.getInputStream()));
String inputLine;
while ((inputLine = in.readLine()) != null)
System.out.println(inputLine);
in.close();
}
public static String userNamePasswordBase64(String username, String password) {
return "Basic " + base64Encode(username + ":" + password);
}
private final static char base64Array[] = { 'A', 'B', 'C', 'D', 'E', 'F',
'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S',
'T', 'U', 'V', 'W', 'X', 'Y', 'Z', 'a', 'b', 'c', 'd', 'e', 'f',
'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's',
't', 'u', 'v', 'w', 'x', 'y', 'z', '0', '1', '2', '3', '4', '5',
'6', '7', '8', '9', '+', '/' };
private static String base64Encode(String string) {
String encodedString = "";
byte bytes[] = string.getBytes();
int i = 0;
int pad = 0;
while (i < bytes.length) {
byte b1 = bytes[i++];
byte b2;
byte b3;
if (i >= bytes.length) {
b2 = 0;
b3 = 0;
pad = 2;
} else {
b2 = bytes[i++];
if (i >= bytes.length) {
b3 = 0;
pad = 1;
} else
b3 = bytes[i++];
}
byte c1 = (byte) (b1 >> 2);
byte c2 = (byte) (((b1 & 0x3) << 4) | (b2 >> 4));
byte c3 = (byte) (((b2 & 0xf) << 2) | (b3 >> 6));
byte c4 = (byte) (b3 & 0x3f);
encodedString += base64Array[c1];
encodedString += base64Array[c2];
switch (pad) {
case 0:
encodedString += base64Array[c3];
encodedString += base64Array[c4];
break;
case 1:
encodedString += base64Array[c3];
encodedString += "=";
break;
case 2:
encodedString += "==";
break;
}
}
return encodedString;
}
}
您需要设置https代理。在您的示例中,仅设置了 http 代理。也可以使用身份验证器设置用户名和密码。希望能够自动选择合适的方法。
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.net.Authenticator;
import java.net.PasswordAuthentication;
import java.net.URL;
import java.net.URLConnection;
public class Play {
public static void main(String[] args) throws IOException {
// Method 1 for Proxy
System.setProperty("http.proxyHost", "147.67.217.33");
System.setProperty("http.proxyPort", "8022");
System.setProperty("https.proxyHost", "147.67.217.33");
System.setProperty("https.proxyPort", "8022");
URL url=new URL("https://en.wikipedia.org/wiki/HTTPS");
URLConnection uc = url.openConnection();
Authenticator.setDefault(new Authenticator() {
@Override
protected PasswordAuthentication getPasswordAuthentication() {
return new PasswordAuthentication("pecador", "9ddjk69t".toCharArray());
}
});
uc.connect();
BufferedReader in = new BufferedReader(new InputStreamReader(uc.getInputStream()));
String inputLine;
while ((inputLine = in.readLine()) != null)
System.out.println(inputLine);
in.close();
}
}
[更新]
由于这仍然没有解决问题,我认为发生的事情是代理希望以纯文本方式进行协商,即使是请求用于代理 https 站点的用户名和密码。在某一时刻,客户端会期望数据通过 SSL 加密,而代理请求 BASIC 身份验证仍然是纯文本。我找到了一篇试图解决这个问题的旧文章:https tunneling。
另请参阅 this blog entry,因为它似乎是引用同一篇文章的有趣主题。
那里有很多 material 可以阅读学习,现在有点太多了,我无法掌握和重复。所以请原谅我直接让你参考那两个读物。像往常一样,我希望阅读您的经验,并希望您能成功。
[我永远的心愿]
代理和身份验证是企业环境的结构,我只是不明白为什么我们没有通过简单易用的 API 来正确处理。
不建议在生产环境中这样做,但您可以禁用 SSL 验证(例如:用于开发目的)。在使用 :
进行连接之前,将此代码添加到您的程序中TrustManager[] trustAllCerts = new TrustManager[] {
new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
@Override
public void checkClientTrusted(X509Certificate[] arg0, String arg1)
throws CertificateException {}
@Override
public void checkServerTrusted(X509Certificate[] arg0, String arg1)
throws CertificateException {}
}
};
SSLContext sc=null;
try {
sc = SSLContext.getInstance("SSL");
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
try {
sc.init(null, trustAllCerts, new java.security.SecureRandom());
} catch (KeyManagementException e) {
e.printStackTrace();
}
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
// Create all-trusting host name verifier
HostnameVerifier validHosts = new HostnameVerifier() {
@Override
public boolean verify(String arg0, SSLSession arg1) {
return true;
}
};
// All hosts will be valid
HttpsURLConnection.setDefaultHostnameVerifier(validHosts);
在生产环境中,您必须在 JVM 上安装 SSL 证书。