如何在没有客户端证书的情况下调用 https rest 服务
How to call a https rest service without client certificate
我将不得不在不发送证书的情况下使用 https rest 服务,但我的应用程序仍在尝试查找路径。
try
{
HttpsURLConnection connection = (HttpsURLConnection) new URL(null, ResourceUtil.getEnvironmentMessage(URL), new sun.net.www.protocol.https.Handler()).openConnection();
connection.setRequestMethod("POST");
connection.setRequestProperty("Content-Type", "application/json");
connection.connect();
String inputRequest = buildJsonRequest(request);
connection.setDoOutput(true);
OutputStream ucdlRequestStream = connection.getOutputStream();
requestStream.write(inputRequest.getBytes());
requestStream.flush();
if (connection.getResponseCode() != 200)
{
throw new SystemException("Failed : HTTP error code : " + connection.getResponseCode());
}
BufferedReader responseReader = new BufferedReader(new InputStreamReader((connection.getInputStream())));
String output;
LOGGER.info("Output from Server .... \n");
while ((output = responseReader.readLine()) != null)
{
boolean hasActiveProducts = output.contains("ACTIVE");
LOGGER.info(output);
}
connection.disconnect();
}
catch (IOException | EASystemException e)
{
LOGGER.error(e.getMessage(), e);
throw new SystemException(e.getMessage(), e);
}
LOGGER.info(String.valueOf(hasActiveProducts));
return hasActiveProducts;
看到以下错误:
原因:sun.security.validator.ValidatorException:PKIX 路径构建失败:sun.security.provider.certpath.SunCertPathBuilderException:无法找到请求目标的有效证书路径
在 sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385)
经过大量谷歌搜索,终于在下面找到了。
try
{
HttpsURLConnection connection = (HttpsURLConnection) new URL(null, url, new
sun.net.www.protocol.https.Handler()).openConnection();
connection.setRequestMethod("POST");
connection.setRequestProperty("Content-Type", "application/json");
String inputRequest = buildRequest(object);
TrustManager[] trustAllCerts = new TrustManager[]{new X509TrustManager()
{
public X509Certificate[] getAcceptedIssuers()
{
return null;
}
public void checkClientTrusted(X509Certificate[] x509Certificates, String s)
{
}
public void checkServerTrusted(X509Certificate[] x509Certificates, String s)
{
}
}};
// Install the all-trusting trust manager
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, null);
connection.setDefaultSSLSocketFactory(sc.getSocketFactory());
connection.setDoOutput(true);
connection.setDoInput(true);
OutputStream ucdlRequestStream = connection.getOutputStream();
ucdlRequestStream.write(inputRequest.getBytes());
ucdlRequestStream.flush();
ucdlRequestStream.close();
LOGGER.info(ucdlRequestStream.toString());
LOGGER.info(connection.getOutputStream().toString());
LOGGER.info(String.valueOf(connection.getResponseCode()));
if (connection.getResponseCode() != 200)
{
throw new EASystemException("Failed : HTTP error code : " + connection.getResponseCode());
}
}
catch (IOException | EASystemException e)
{
LOGGER.error(e.getMessage(), e);
throw new SystemException(e.getMessage(), e);
}
我将不得不在不发送证书的情况下使用 https rest 服务,但我的应用程序仍在尝试查找路径。
try
{
HttpsURLConnection connection = (HttpsURLConnection) new URL(null, ResourceUtil.getEnvironmentMessage(URL), new sun.net.www.protocol.https.Handler()).openConnection();
connection.setRequestMethod("POST");
connection.setRequestProperty("Content-Type", "application/json");
connection.connect();
String inputRequest = buildJsonRequest(request);
connection.setDoOutput(true);
OutputStream ucdlRequestStream = connection.getOutputStream();
requestStream.write(inputRequest.getBytes());
requestStream.flush();
if (connection.getResponseCode() != 200)
{
throw new SystemException("Failed : HTTP error code : " + connection.getResponseCode());
}
BufferedReader responseReader = new BufferedReader(new InputStreamReader((connection.getInputStream())));
String output;
LOGGER.info("Output from Server .... \n");
while ((output = responseReader.readLine()) != null)
{
boolean hasActiveProducts = output.contains("ACTIVE");
LOGGER.info(output);
}
connection.disconnect();
}
catch (IOException | EASystemException e)
{
LOGGER.error(e.getMessage(), e);
throw new SystemException(e.getMessage(), e);
}
LOGGER.info(String.valueOf(hasActiveProducts));
return hasActiveProducts;
看到以下错误: 原因:sun.security.validator.ValidatorException:PKIX 路径构建失败:sun.security.provider.certpath.SunCertPathBuilderException:无法找到请求目标的有效证书路径 在 sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385)
经过大量谷歌搜索,终于在下面找到了。
try
{
HttpsURLConnection connection = (HttpsURLConnection) new URL(null, url, new
sun.net.www.protocol.https.Handler()).openConnection();
connection.setRequestMethod("POST");
connection.setRequestProperty("Content-Type", "application/json");
String inputRequest = buildRequest(object);
TrustManager[] trustAllCerts = new TrustManager[]{new X509TrustManager()
{
public X509Certificate[] getAcceptedIssuers()
{
return null;
}
public void checkClientTrusted(X509Certificate[] x509Certificates, String s)
{
}
public void checkServerTrusted(X509Certificate[] x509Certificates, String s)
{
}
}};
// Install the all-trusting trust manager
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, null);
connection.setDefaultSSLSocketFactory(sc.getSocketFactory());
connection.setDoOutput(true);
connection.setDoInput(true);
OutputStream ucdlRequestStream = connection.getOutputStream();
ucdlRequestStream.write(inputRequest.getBytes());
ucdlRequestStream.flush();
ucdlRequestStream.close();
LOGGER.info(ucdlRequestStream.toString());
LOGGER.info(connection.getOutputStream().toString());
LOGGER.info(String.valueOf(connection.getResponseCode()));
if (connection.getResponseCode() != 200)
{
throw new EASystemException("Failed : HTTP error code : " + connection.getResponseCode());
}
}
catch (IOException | EASystemException e)
{
LOGGER.error(e.getMessage(), e);
throw new SystemException(e.getMessage(), e);
}