English | 简体中文
- JDK 1.7 or later.
<dependency>
<groupId>com.aliyun</groupId>
<artifactId>gmsse</artifactId>
<version>{{see the version on the badge}}</version>
</dependency>import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import java.net.URL;
import com.aliyun.gmsse.GMProvider;
public class Main {
public static void main(String[] args) throws Exception {
// init SSLSocketFactory
GMProvider provider = new GMProvider();
SSLContext sc = SSLContext.getInstance("TLS", provider);
sc.init(null, null, null);
SSLSocketFactory ssf = sc.getSocketFactory();
URL serverUrl = new URL("https://xxx/");
HttpsURLConnection conn = (HttpsURLConnection) serverUrl.openConnection();
conn.setRequestMethod("GET");
// set SSLSocketFactory
conn.setSSLSocketFactory(ssf);
conn.connect();
System.out.println("used cipher suite:");
System.out.println(conn.getCipherSuite());
}
}In the new version, GM-JSSE will verify server and CA certificates, if the CA root certificates are not imported in system, maybe have verfication errors. So you need add trust manager with CA certificates.
BouncyCastleProvider bc = new BouncyCastleProvider();
KeyStore ks = KeyStore.getInstance("JKS");
CertificateFactory cf = CertificateFactory.getInstance("X.509", bc);
FileInputStream is = new FileInputStream("/path/to/ca_cert");
X509Certificate cert = (X509Certificate) cf.generateCertificate(is);
ks.load(null, null);
ks.setCertificateEntry("gmca", cert);
TrustManagerFactory tmf = TrustManagerFactory.getInstance("X509", provider);
tmf.init(ks);
sc.init(null, tmf.getTrustManagers(), null);
SSLSocketFactory ssf = sc.getSocketFactory();
Opening an Issue, Issues not conforming to the guidelines may be closed immediately.
Detailed changes for each release are documented in the release notes.
Copyright (c) 2009-present, Alibaba Cloud All rights reserved.