
How to make a call to server using client private key and certificate provided by the server in spring boot?

I'm new to SSL in Java and need help. My application needs to call a payment provider server with the certificates provided by them and my public key.

Things I've done:

1. created private and public key using openssl and provided the public key to the service provider (server)
2. received certificate file (crt) from the server
3. created a jks file using keytool
4. added the certificate file to trust store
5. imported the keystore file to my spring boot application.

My code:

    final String password = "password";
    SSLContext sslContext = SSLContextBuilder
            .create()
            .loadTrustMaterial(ResourceUtils.getFile("/home/workspace/gop/javaclient.jks"), password.toCharArray())
            .build();

    CloseableHttpClient client = HttpClients.custom()
            .setSSLContext(sslContext)
            .build();

    HttpComponentsClientHttpRequestFactory requestFactory
            = new HttpComponentsClientHttpRequestFactory();
    requestFactory.setHttpClient(client);

    RestTemplate restTemplate = new RestTemplate(requestFactory);

    String url = "https://someurl.com/rndpoint"; // Web Service endpoint that requires SSL

    ResponseEntity<String> response = restTemplate.exchange(url, HttpMethod.POST, HttpEntity.EMPTY, String.class);
    ResponseEntity<String> response2 = restTemplate.exchange(url, HttpMethod.GET, HttpEntity.EMPTY, String.class);

    System.out.println("Result = " + response.getBody());
    return response.getBody() + response2.getBody();

I have double checked and I have most certainly imported the certificate to cacerts.

My output:

{
    "timestamp": "2020-04-19T08:28:18.871+0000",
    "status": 500,
    "error": "Internal Server Error",
    "message": "I/O error on POST request for \"https://nabiltest.compassplus.com:8444/Exec\": 
sun.security.validator.ValidatorException: PKIX path building failed: 
sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target; nested exception is javax.net.ssl.SSLHandshakeException: 
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to 
requested target",
    "path": "/nabil-payment"
}

I finally managed to solve the problem. Here is my code snippet.

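import java.io.IOException;
import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import org.apache.http.client.HttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.ssl.SSLContextBuilder;
import org.apache.http.ssl.TrustStrategy;
import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
import org.springframework.util.ResourceUtils;
import org.springframework.web.client.RestTemplate;

private RestTemplate getRestTemplateClientAuthentication()
        throws IOException, UnrecoverableKeyException, CertificateException, NoSuchAlgorithmException,
        KeyStoreException, KeyManagementException {
    final String allPassword = "123456";
    // Trust strategy that returns true for every chain: the server certificate is not validated
    TrustStrategy acceptingTrustStrategy = (X509Certificate[] chain, String authType) -> true;
    SSLContext sslContext = SSLContextBuilder
            .create()
            // if you use keystore
            .loadKeyMaterial(ResourceUtils.getFile("classpath:keystore.jks"),
                    allPassword.toCharArray(), allPassword.toCharArray())
            // if you want to use truststore instead
            //.loadTrustMaterial(ResourceUtils.getFile("classpath:truststore.jks"), allPassword.toCharArray())
            .loadTrustMaterial(null, acceptingTrustStrategy)
            .build();
    HttpClient client = HttpClients.custom()
            .setSSLContext(sslContext)
            .build();
    HttpComponentsClientHttpRequestFactory requestFactory =
            new HttpComponentsClientHttpRequestFactory();
    requestFactory.setHttpClient(client);
    RestTemplate restTemplate = new RestTemplate(requestFactory);
    return restTemplate;
}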

Now just call your endpoint using this function:

// url ->  endpoint url
getRestTemplateClientAuthentication().exchange(url, HttpMethod.POST, HttpEntity.EMPTY, String.class);
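
An added example, not part of the original answer: the same Apache HttpClient 4.x builder with both the key material and a truststore loaded, so the client presents its certificate while the server certificate is still validated. The class name and the password parameters are hypothetical; the file names `keystore.jks` and `truststore.jks` are the ones used in the snippet above, and their contents are assumed as described in the comments.

```java
import java.io.File;
import java.io.IOException;
import java.security.GeneralSecurityException;
import javax.net.ssl.SSLContext;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.ssl.SSLContextBuilder;
import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
import org.springframework.util.ResourceUtils;
import org.springframework.web.client.RestTemplate;

// Hypothetical helper class (illustration only).
public class MutualTlsRestTemplateFactory {

    public static RestTemplate create(char[] keyStorePassword,
                                      char[] keyPassword,
                                      char[] trustStorePassword)
            throws IOException, GeneralSecurityException {
        // Assumption: keystore.jks holds the client's private key together
        // with the client certificate the server expects to see.
        File keyStore = ResourceUtils.getFile("classpath:keystore.jks");
        // Assumption: truststore.jks holds the certificate(s) the client
        // should accept for the server (its CA or its own certificate).
        File trustStore = ResourceUtils.getFile("classpath:truststore.jks");

        SSLContext sslContext = SSLContextBuilder.create()
                // Client side of the handshake: key and certificate to present.
                .loadKeyMaterial(keyStore, keyStorePassword, keyPassword)
                // Server side of the handshake: only chains that lead to an
                // entry in this truststore pass PKIX validation.
                .loadTrustMaterial(trustStore, trustStorePassword)
                .build();

        // No custom hostname verifier is set, so HttpClient's default
        // hostname verification stays active.
        CloseableHttpClient client = HttpClients.custom()
                .setSSLContext(sslContext)
                .build();

        return new RestTemplate(new HttpComponentsClientHttpRequestFactory(client));
    }
}
```

If the truststore lacks the issuer of the server certificate, the handshake fails with the same "PKIX path building failed" error shown in the question.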
