How to use

SecureRandom

in

java.security

 private static SSLContext sslContext(String keystoreFile, String password)
   throws GeneralSecurityException, IOException {
  KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
  try (InputStream in = new FileInputStream(keystoreFile)) {
   keystore.load(in, password.toCharArray());
  }
  KeyManagerFactory keyManagerFactory =
    KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
  keyManagerFactory.init(keystore, password.toCharArray());

  TrustManagerFactory trustManagerFactory =
    TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
  trustManagerFactory.init(keystore);

  SSLContext sslContext = SSLContext.getInstance("TLS");
  sslContext.init(
    keyManagerFactory.getKeyManagers(),
    trustManagerFactory.getTrustManagers(),
    new SecureRandom());

  return sslContext;
 }
}

public AlternativeJdkIdGenerator() {
  SecureRandom secureRandom = new SecureRandom();
  byte[] seed = new byte[8];
  secureRandom.nextBytes(seed);
  this.random = new Random(new BigInteger(seed).longValue());
}

/**
 * Constructor. Initializes random generator, attempting first to use SecureRandom, then failing over to Random.
 */
public UUID4Util() {
 try {
  random = SecureRandom.getInstance( "SHA1PRNG", "SUN" );
 } catch ( Exception e ) {
  random = new Random();
 }
}

/**
 * 使用性能更好的SHA1PRNG, Tomcat的sessionId生成也用此算法.
 * 
 * 但JDK7中，需要在启动参数加入 -Djava.security=file:/dev/./urandom （中间那个点很重要）
 * 
 * 详见：《SecureRandom的江湖偏方与真实效果》http://calvin1978.blogcn.com/articles/securerandom.html
 */
public static SecureRandom secureRandom() {
  try {
    return SecureRandom.getInstance("SHA1PRNG");
  } catch (NoSuchAlgorithmException e) {// NOSONAR
    return new SecureRandom();
  }
}

  @Override
  public void run() {
    SecureRandom random = new SecureRandom(); // Get the real random seed from /dev/random
    queue.add(random.nextLong());
  }
};

KeyStore clientStore = KeyStore.getInstance("PKCS12");
   clientStore.load(new FileInputStream("test.p12"), "testPass".toCharArray());
   KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
   kmf.init(clientStore, "testPass".toCharArray());
   KeyManager[] kms = kmf.getKeyManagers();
   KeyStore trustStore = KeyStore.getInstance("JKS");
   trustStore.load(new FileInputStream("cacerts"), "changeit".toCharArray());
   TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
   tmf.init(trustStore);
   TrustManager[] tms = tmf.getTrustManagers();
   SSLContext sslContext = null;
   sslContext = SSLContext.getInstance("TLS");
   sslContext.init(kms, tms, new SecureRandom());
   HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory());
   URL url = new URL("https://www.testurl.com");
   HttpsURLConnection urlConn = (HttpsURLConnection) url.openConnection();

 SSLContext sslContext = SSLContext.getInstance("TLS");
 X509TrustManager[] xtmArray = new X509TrustManager[] {xtm};
 sslContext.init(null, xtmArray, new java.security.SecureRandom());
 HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory());
 HttpsURLConnection.setDefaultHostnameVerifier(hnv);
 HttpsURLConnection httpsUrlConn = (HttpsURLConnection) (new URL(serverUrl)).openConnection();
 httpsUrlConn.setRequestMethod("POST");
 conn = httpsUrlConn;
} else {
 URL url = new URL(serverUrl);
 conn = url.openConnection();

String urlNameString = url + "?" + param;
try {
  SSLContext sc = SSLContext.getInstance(SSL);
  sc.init(null, new TrustManager[]{new TrustAnyTrustManager()}, new java.security.SecureRandom());
  URL console = new URL(urlNameString);
  HttpsURLConnection conn = (HttpsURLConnection) console.openConnection();
  conn.setRequestProperty(ACCEPT, "*/*");
  conn.setRequestProperty(CONNECTION, CONNECTION_VALUE);
  conn.setRequestProperty(USER_AGENT, USER_AGENT_VALUE);
  conn.setRequestProperty(ACCEPT_CHARSET, UTF8);
  conn.setRequestProperty(CONTENTTYPE, UTF8);
  conn.setDoInput(true);
  conn.setSSLSocketFactory(sc.getSocketFactory());
  conn.setHostnameVerifier(new TrustAnyHostnameVerifier());
  conn.connect();

public static byte[] httpsRequestByte(String requestUrl, String requestMethod, String outputStr) {
  try {
    TrustManager[] tm = { new JEEWeiXinX509TrustManager() };
    SSLContext sslContext = SSLContext.getInstance("SSL", "SunJSSE");
    sslContext.init(null, tm, new java.security.SecureRandom());
    SSLSocketFactory ssf = sslContext.getSocketFactory();
    URL url = new URL(requestUrl);
    HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
    conn.setSSLSocketFactory(ssf);
    conn.setDoOutput(true);
    conn.setDoInput(true);
    conn.setUseCaches(false);
    conn.setRequestMethod(requestMethod);

private void processHandshakeFailure(Socket raw) throws Exception {
 SSLContext context = SSLContext.getInstance("TLS");
 context.init(null, new TrustManager[] {UNTRUSTED_TRUST_MANAGER}, new SecureRandom());
 SSLSocketFactory sslSocketFactory = context.getSocketFactory();
 SSLSocket socket = (SSLSocket) sslSocketFactory.createSocket(
   raw, raw.getInetAddress().getHostAddress(), raw.getPort(), true);
 try {
  socket.startHandshake(); // we're testing a handshake failure
  throw new AssertionError();
 } catch (IOException expected) {
 }
 socket.close();
}

SSLContext ctx = SSLContext.getInstance("TLS");
ctx.init(new KeyManager[0], new TrustManager[] {new DefaultTrustManager()}, new SecureRandom());
SSLContext.setDefault(ctx);
URL url = new URL("https://mms.nw.ru");
HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
conn.setHostnameVerifier(new HostnameVerifier() {
  @Override
  public boolean verify(String arg0, SSLSession arg1) {

private SSLSocketFactory getSocketFactory() throws GeneralSecurityException, IOException {
 KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
 KeyStore keyStore = KeyStore.getInstance("PKCS12");
 InputStream keyInput = new FileInputStream(pathToPkcs12File);
 keyStore.load(keyInput, password.toCharArray());
 keyInput.close();
 keyManagerFactory.init(keyStore, password.toCharArray());
 SSLContext context = SSLContext.getInstance("TLS");
 context.init(keyManagerFactory.getKeyManagers(), null, new SecureRandom());
 return context.getSocketFactory();
}

try {
  CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
  KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
  keyStore.load(null);
  int index = 0;
  for (InputStream certificate : certificates) {
  SSLContext sslContext = SSLContext.getInstance("TLS");
  TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
  trustManagerFactory.init(keyStore);
  sslContext.init(keyManagers, trustManagerFactory.getTrustManagers(), new SecureRandom());
  SSLSocketFactory socketFactory = sslContext.getSocketFactory();
  return socketFactory;
} catch (Exception e) {

 import java.security.SecureRandom;
import java.math.BigInteger;

public final class SessionIdentifierGenerator {
 private SecureRandom random = new SecureRandom();

 public String nextSessionId() {
  return new BigInteger(130, random).toString(32);
 }
}

private static HttpURLConnection getConnection(URL url, String method, String ctype, Map<String, String> headerMap) throws IOException {
  HttpURLConnection conn = (HttpURLConnection) url.openConnection();
  if (conn instanceof HttpsURLConnection) {
    HttpsURLConnection connHttps = (HttpsURLConnection) conn;
    if (ignoreSSLCheck) {
      try {
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, new TrustManager[]{new TrustAllTrustManager()}, new SecureRandom());
        connHttps.setSSLSocketFactory(ctx.getSocketFactory());
        connHttps.setHostnameVerifier(new HostnameVerifier() {
          public boolean verify(String hostname, SSLSession session) {
            return true;

 OkHttpClient client = new OkHttpClient();
KeyStore keyStore = readKeyStore(); //your method to obtain KeyStore
SSLContext sslContext = SSLContext.getInstance("SSL");
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(keyStore);
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(keyStore, "keystore_pass".toCharArray());
sslContext.init(keyManagerFactory.getKeyManagers(),trustManagerFactory.getTrustManagers(), new SecureRandom());
client.setSslSocketFactory(sslContext.getSocketFactory());

private Random getRandom() {
  if (useSecureRandom) {
    return new SecureRandom();
  } else {
    return new Random();
  }
}

  trustStore.load(trustStoreStream, truststorePasswd);
final TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(trustStore);
final SSLContext ctx = SSLContext.getInstance(protocol);
ctx.init(new KeyManager[0], trustManagerFactory.getTrustManagers(), new SecureRandom());

 static final String AB = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
static SecureRandom rnd = new SecureRandom();

String randomString( int len ){
  StringBuilder sb = new StringBuilder( len );
  for( int i = 0; i < len; i++ ) 
   sb.append( AB.charAt( rnd.nextInt(AB.length()) ) );
  return sb.toString();
}

@Test
public void getRandom() {
  System.out.println(RandomUtil.secureRandom().nextInt());
  System.out.println(RandomUtil.threadLocalRandom().nextInt());
}