使用 httpClient 和 cert.em 的 https post 请求
https post request using httpClient and cert.em
我有一段代码将负载发送到 https 端点(或应该)。我还有一个 .pem 格式的 CA 链,这就是我在代码中尝试添加的方式,使用它来执行 POST.
HttpClient client = new HttpClient();
Gson gson = new GsonBuilder().setPrettyPrinting().create();
String jsonString = gson.toJson(parentData);
Properties systemProps = System.getProperties();
systemProps.put( "javax.net.ssl.trustStore", "/Users/kaulk/Downloads/djca-2048.pem");
systemProps.put("javax.net.ssl.trustStorePassword", "changeit");
System.setProperty("javax.net.ssl.keyStoreType","pkcs12");
System.setProperties(systemProps);
PostMethod method = new PostMethod("https://beta.fcm.fint.xxx.net/notify/BuildNotification");
StringRequestEntity requestEntity = new StringRequestEntity(
jsonString,
"application/json",
"UTF-8");
method.setRequestEntity(requestEntity);
int statusCode = client.executeMethod(method);
但失败并显示错误:
Caused by: java.security.NoSuchAlgorithmException: Error constructing
implementation (algorithm: Default, provider: SunJSSE, class:
com.sun.net.ssl.internal.ssl.DefaultSSLContextImpl) at
java.security.Provider$Service.newInstance(Provider.java:1245) at
sun.security.jca.GetInstance.getInstance(GetInstance.java:220) at
sun.security.jca.GetInstance.getInstance(GetInstance.java:147) at
javax.net.ssl.SSLContext.getInstance(SSLContext.java:125) at
javax.net.ssl.SSLContext.getDefault(SSLContext.java:68) at
javax.net.ssl.SSLSocketFactory.getDefault(SSLSocketFactory.java:102)
... 22 more Caused by: java.io.IOException: Invalid keystore format
有什么原因吗?
根据 SSL 属性文档
javax.net.ssl.trustStoreType - (Optional) For Java keystore file
format, this property has the value jks (or JKS). You do not normally
specify this property, because its default value is already jks.
尝试设置javax.net.ssl.trustStoreType
您遇到的异常通常是由于潜在错误而引发的。
这些设置还将帮助您获取更多信息以进行故障排除
-Djavax.net.debug=ssl,或者至少 -Djavax.net.debug=ssl,keymanager
storeType应该以导入的证书文件为准
有用 post - Java Exception on SSLSocket creation
您必须先将 CA 证书导入密钥库,然后在 "javax.net.ssl.trustStore" 中传递密钥库。将证书导入密钥库:https://docs.oracle.com/javase/8/docs/technotes/tools/unix/keytool.html#keytool_option_importcert.
此外,您设置系统属性的方式不一致 - System.setProperties(systemProps) 似乎覆盖了您在其上方行中设置的 属性。
我有一段代码将负载发送到 https 端点(或应该)。我还有一个 .pem 格式的 CA 链,这就是我在代码中尝试添加的方式,使用它来执行 POST.
HttpClient client = new HttpClient();
Gson gson = new GsonBuilder().setPrettyPrinting().create();
String jsonString = gson.toJson(parentData);
Properties systemProps = System.getProperties();
systemProps.put( "javax.net.ssl.trustStore", "/Users/kaulk/Downloads/djca-2048.pem");
systemProps.put("javax.net.ssl.trustStorePassword", "changeit");
System.setProperty("javax.net.ssl.keyStoreType","pkcs12");
System.setProperties(systemProps);
PostMethod method = new PostMethod("https://beta.fcm.fint.xxx.net/notify/BuildNotification");
StringRequestEntity requestEntity = new StringRequestEntity(
jsonString,
"application/json",
"UTF-8");
method.setRequestEntity(requestEntity);
int statusCode = client.executeMethod(method);
但失败并显示错误:
Caused by: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: com.sun.net.ssl.internal.ssl.DefaultSSLContextImpl) at java.security.Provider$Service.newInstance(Provider.java:1245) at sun.security.jca.GetInstance.getInstance(GetInstance.java:220) at sun.security.jca.GetInstance.getInstance(GetInstance.java:147) at javax.net.ssl.SSLContext.getInstance(SSLContext.java:125) at javax.net.ssl.SSLContext.getDefault(SSLContext.java:68) at javax.net.ssl.SSLSocketFactory.getDefault(SSLSocketFactory.java:102) ... 22 more Caused by: java.io.IOException: Invalid keystore format
有什么原因吗?
根据 SSL 属性文档
javax.net.ssl.trustStoreType - (Optional) For Java keystore file format, this property has the value jks (or JKS). You do not normally specify this property, because its default value is already jks.
尝试设置javax.net.ssl.trustStoreType
您遇到的异常通常是由于潜在错误而引发的。
这些设置还将帮助您获取更多信息以进行故障排除 -Djavax.net.debug=ssl,或者至少 -Djavax.net.debug=ssl,keymanager
storeType应该以导入的证书文件为准 有用 post - Java Exception on SSLSocket creation
您必须先将 CA 证书导入密钥库,然后在 "javax.net.ssl.trustStore" 中传递密钥库。将证书导入密钥库:https://docs.oracle.com/javase/8/docs/technotes/tools/unix/keytool.html#keytool_option_importcert.
此外,您设置系统属性的方式不一致 - System.setProperties(systemProps) 似乎覆盖了您在其上方行中设置的 属性。