package org.nutz.weixin.util; import javax.net.ssl.*; import java.io.File; import java.io.FileInputStream; import java.security.KeyStore; import java.security.SecureRandom; import java.security.cert.CertificateException; import java.security.cert.X509Certificate; /** * Created by wizzer on 2017/3/23. */ public class WxPaySSL { public static SSLSocketFactory buildSSL(File file, String password) throws Exception { KeyStore keyStore = KeyStore.getInstance("PKCS12"); FileInputStream instream = new FileInputStream(file); try { keyStore.load(instream, password.toCharArray()); } finally { instream.close(); } TrustManagerFactory tmfactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); tmfactory.init(keyStore); TrustManager[] tms = {new X509TrustManager() { public void checkClientTrusted(X509Certificate[] paramArrayOfX509Certificate, String paramString) throws CertificateException { } public void checkServerTrusted(X509Certificate[] paramArrayOfX509Certificate, String paramString) throws CertificateException { } public X509Certificate[] getAcceptedIssuers() { return null; } }}; KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); kmf.init(keyStore, password.toCharArray()); SSLContext sc = SSLContext.getInstance("TLSv1"); sc.init(kmf.getKeyManagers(), tms, new SecureRandom()); return sc.getSocketFactory(); } }