https请求比http更安全 是在http的基础上加了SSL数据加密协议。

http的连接很简单，是无状态的；HTTPS协议是由SSL+HTTP协议构建的可进行加密传输、身份认证的网络协议，比http协议安全。

因为之前写的是版本比较久的https请求方式，下面介绍看到较新的方式：

import java.net.URI;

import java.security.cert.CertificateException;

import java.security.cert.X509Certificate;

import java.util.Map.Entry;

import javax.net.ssl.SSLContext;

import org.apache.http.HttpEntity;

import org.apache.http.HttpResponse;

import org.apache.http.HttpStatus;

import org.apache.http.client.HttpClient;

import org.apache.http.client.config.RequestConfig;

import org.apache.http.client.methods.CloseableHttpResponse;

import org.apache.http.client.methods.HttpGet;

import org.apache.http.client.methods.HttpPost;

import org.apache.http.client.utils.URIBuilder;

import org.apache.http.conn.ssl.SSLConnectionSocketFactory;

import org.apache.http.conn.ssl.SSLContextBuilder;

import org.apache.http.conn.ssl.TrustStrategy;

import org.apache.http.entity.mime.MultipartEntityBuilder;

import org.apache.http.impl.client.CloseableHttpClient;

import org.apache.http.impl.client.HttpClients;

import org.apache.http.util.EntityUtils;

public class HttpClientUtil {

    public static final Logger logger = LoggerFactory.getLogger(HttpClientUtil.class);

    public static String doPost(String url, String json)  throws Exception {

        SSLContext sslContext = new SSLContextBuilder().loadTrustMaterial(null, new TrustStrategy() {

            @Override

            public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException {

                return true;

            }

        }).build();

        SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext);

        HttpClient httpClient = HttpClients.custom().setSSLSocketFactory(sslsf).build();

        HttpPost httppost = new HttpPost(url);

        MultipartEntityBuilder mEntityBuilder = MultipartEntityBuilder.create();

        //params

        //mEntityBuilder.addTextBody("userName", "1234");

        httppost.setEntity(mEntityBuilder.build());

        //httppost.addHeader("Content-Type", "Application/JSON");

        //其他方法添加参数...

        /*StringEntity entity = new StringEntity(json, Charsets.UTF_8);//解决中文乱码问题

        entity.setContentEncoding("UTF-8");

        entity.setContentType("application/json");

        httppost.setEntity(entity);*/

        int timeOut = 1000*50;

        // set Timeout

        RequestConfig requestConfig = RequestConfig.custom().setConnectionRequestTimeout(timeOut)

                .setConnectTimeout(timeOut).setSocketTimeout(timeOut).build();

        httppost.setConfig(requestConfig);

        // get responce

        HttpResponse responce = httpClient.execute(httppost);

        // get http status code

        int status = responce.getStatusLine().getStatusCode();

        System.out.println("request code:" + status);

        String resultString = null;

        if (status == HttpStatus.SC_OK) {

            // get result data

            HttpEntity entity = responce.getEntity();

            resultString = EntityUtils.toString(entity, Charsets.UTF_8);

        }

        return resultString;

    }

}

主要看的是这个：

http://www.jsjtt.com/java/JavaWebkaifa/117.html

另外的还有对其原理介绍深入的：

http://www.aneasystone.com/archives/2016/04/java-and-https.html

其他的：

http://blog.csdn.net/shenyunsese/article/details/41075579