How to make a call to server using client private key and certificate provided by the server in spring boot?

Question

I'm new to ssl in java and need help. My application needs to call a payment provider server with the certificates provided by them and my public key.

Things I've done: 1. created private and public key using openssl and provided the public key to the service provider(server) 2. recieved certificate file(crt) from the server 3. created a jks file using keytool 4. added the certificate file to trust store 5. imported the keystore file to my spring boot application.

my code:

final String password = "password";
    SSLContext sslContext = SSLContextBuilder
            .create()
            .loadTrustMaterial(ResourceUtils.getFile("/home/workspace/gop/javaclient.jks"), password.toCharArray())
            .build();

    CloseableHttpClient client = HttpClients.custom()
            .setSSLContext(sslContext)
            .build();

    HttpComponentsClientHttpRequestFactory requestFactory
            = new HttpComponentsClientHttpRequestFactory();
    requestFactory.setHttpClient(client);

    RestTemplate restTemplate = new RestTemplate(requestFactory);

    String url = "https://someurl.com/rndpoint"; // Web Service endpoint that requires SSL

    ResponseEntity<String> response = restTemplate.exchange(url, HttpMethod.POST, HttpEntity.EMPTY, String.class);
    ResponseEntity<String> response2 = restTemplate.exchange(url, HttpMethod.GET, HttpEntity.EMPTY, String.class);

    System.out.println("Result = " + response.getBody());
    return response.getBody() + response2.getBody();

I have double checked and I have most certainly imported the certificate to cacerts.

My Output:

{
    "timestamp": "2020-04-19T08:28:18.871+0000",
    "status": 500,
    "error": "Internal Server Error",
    "message": "I/O error on POST request for \"https://nabiltest.compassplus.com:8444/Exec\": 
sun.security.validator.ValidatorException: PKIX path building failed: 
sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target; nested exception is javax.net.ssl.SSLHandshakeException: 
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to 
requested target",
    "path": "/nabil-payment"
}

Answer 1

I finally managed to solve the problem. Here is my code snippet.

private RestTemplate getRestTemplateClientAuthentication()
 throws IOException, UnrecoverableKeyException, CertificateException, NoSuchAlgorithmException,
 KeyStoreException, KeyManagementException {
final String allPassword = "123456";
 TrustStrategy acceptingTrustStrategy = (X509Certificate[] chain, String authType) -> true;
 SSLContext sslContext = SSLContextBuilder
 .create()
//if you use keystore
 .loadKeyMaterial(ResourceUtils.getFile("classpath:keystore.jks"),
 allPassword.toCharArray(), allPassword.toCharArray())
//if you want to use truststore instead
//.loadTrustMaterial(ResourceUtils.getFile("classpath:truststore.jks"), allPassword.toCharArray())
 .loadTrustMaterial(null, acceptingTrustStrategy)
 .build();
HttpClient client = HttpClients.custom()
 .setSSLContext(sslContext)
 .build();
HttpComponentsClientHttpRequestFactory requestFactory =
 new HttpComponentsClientHttpRequestFactory();
requestFactory.setHttpClient(client);
RestTemplate restTemplate = new RestTemplate(requestFactory);
return restTemplate;
}

now just call your endpoint using this function

// url ->  endpoint url
getRestTemplateClientAuthentication().exchange(url, HttpMethod.POST, HttpEntity.EMPTY, String.class);