1.组件版本信息
apache-tomcat-7.0.75
JDK 1.8.0_91

2.使用jdk自带的keytool命令生成keyStore文件test.keystore
命令：keytool -genkey -alias test123 -keypass test123 -keyalg RSA -keysize 1024 -keystore test.keystore -storepass test123

3.将test.keystore拷贝到apache-tomcat-7.0.75bin目录下

4.配置tomcat的conf目录server.XMl文件，在配置文件中新增SSL配置

<Connector SSLEnabled=@H_512_35@"true" clientAuth="false" keystoreFile="bin/test.keystore" keystorePass="test123" maxThreads="150" port="8443" PRotocol="org.apache.coyote.http11.Http11Protocol" scheme="https" secure="true" sslProtocol="TLS"/> 

5.将webservice工程添加进tomcat并启动，使用postman访问http和https链接。http可以正常访问，https访问不了，由于客户端证书问题

@H_304_85@

6.新建类HttpClientTest，用于配置https相关SSL设置

import java.security.KeyManagementException; import java.security.KeyStoreException; import java.security.NoSuchAlgorithmException; import java.security.cert.CertificateException; import java.security.cert.X509Certificate;   import javax.net.ssl.SSLContext;    import org.apache.http.conn.ssl.NoopHostnameVerifier; import org.apache.http.conn.ssl.SSLConnectionSocketFactory; import org.apache.http.conn.ssl.TrustStrategy; import org.apache.http.impl.client.CloseableHttpClient; import org.apache.http.impl.client.HttpClients; import org.apache.http.ssl.SSLContextBuilder;  public class HttpClientTest {     public static CloseableHttpClient createSSLClient()             throws KeyManagementException, NoSuchAlgorithmException,             KeyStoreException     {         SSLContext sslContext = new SSLContextBuilder().loadTrustMATErial(                 null, new TrustStrategy()                 {                     public boolean isTrusted( X509Certificate[] chain,                             String authType ) throws CertificateException                     {                         return true;                     }                 } ).build();         SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(                 sslContext, NoopHostnameVerifier.INSTANCE );         return HttpClients.custom().setSSLSocketFactory( sslsf ).build();     } } 

7.新建类HttpClientUtil，用于测试https的get请求

import java.io.BufferedReader; import java.io.IOException; import java.io.InputStream; import java.io.InputStreamReader; import java.net.URI; import java.net.URISyntaxException; import java.security.KeyManagementException; import java.security.KeyStoreException; import java.security.NoSuchAlgorithmException; import org.apache.COMmons.LOGging.Log; import org.apache.http.HttpEntity; import org.apache.http.HttpResponse; import org.apache.http.client.ClientProtocolException; import org.apache.http.client.HttpClient; import org.apache.http.client.methods.HttpGet; import org.apache.http.impl.client.CloseableHttpClient; import org.apache.http.util.EntityUtils;  public class HttpClientUtil {     public static void main( String[] args ) throws ClientProtocolException,             IOException, URISyntaxException, KeyManagementException,             NoSuchAlgorithmException, KeyStoreException     {         String url = "https://localhost:8443/maven-example/hello";         CloseableHttpClient httpClient = HttpClientTest.createSSLClient();         HttpGet get = new HttpGet();         get.setURI( new URI( url ) );         HttpResponse response = httpClient.execute( get );         String s = streamToString( response.getEntity().getContent() );         System.out.println( s );     }      private static String streamToString( InputStream is )             throws IOException     {          String line = "";         StringBuilder total = new StringBuilder();         BufferedReader rd = new BufferedReader( new InputStreamReader( is ) );         while ( (line = rd.readLine()) != null )         {             total.append( line );         }         return total.toString();     } } 

8.执行main方法，正确输出https的response响应

9.操作过程中遇到一个问题，报主机名验证错误

SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(                 sslContext); SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(                 sslContext, NoopHostnameVerifier.INSTANCE);