使用httpClient和cert.em發送https請求

我有一段代碼將有效負載發送到https端點（或應該）。我也有一個.pem格式的CA鏈，我在代碼中嘗試添加它，並使用它來執行POST。使用httpClient和cert.em發送https請求

HttpClient client = new HttpClient(); 
       Gson gson = new GsonBuilder().setPrettyPrinting().create(); 
       String jsonString = gson.toJson(parentData); 
       Properties systemProps = System.getProperties(); 
       systemProps.put("javax.net.ssl.trustStore", "/Users/kaulk/Downloads/djca-2048.pem"); 
       systemProps.put("javax.net.ssl.trustStorePassword", "changeit"); 
       System.setProperty("javax.net.ssl.keyStoreType","pkcs12"); 
       System.setProperties(systemProps);    
       PostMethod method = new PostMethod("https://beta.fcm.fint.xxx.net/notify/BuildNotification"); 
       StringRequestEntity requestEntity = new StringRequestEntity(
           jsonString, 
           "application/json", 
           "UTF-8"); 
       method.setRequestEntity(requestEntity); 
       int statusCode = client.executeMethod(method);

但它失敗，錯誤：

Caused by: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: com.sun.net.ssl.internal.ssl.DefaultSSLContextImpl) at java.security.Provider$Service.newInstance(Provider.java:1245) at sun.security.jca.GetInstance.getInstance(GetInstance.java:220) at sun.security.jca.GetInstance.getInstance(GetInstance.java:147) at javax.net.ssl.SSLContext.getInstance(SSLContext.java:125) at javax.net.ssl.SSLContext.getDefault(SSLContext.java:68) at javax.net.ssl.SSLSocketFactory.getDefault(SSLSocketFactory.java:102) ... 22 more Caused by: java.io.IOException: Invalid keystore format

任何原因？

來源

2015-06-09 Scooby

按照文件上的SSL性能

javax.net.ssl.trustStoreType - (Optional) For Java keystore file format, this property has the value jks (or JKS). You do not normally specify this property, because its default value is already jks.

嘗試設置javax.net.ssl.trustStoreType

你越來越經常引發的異常是由於潛在的錯誤。

這些設置也將幫助你獲得更多的信息，以解決 -Djavax.net.debug = SSL，或者至少-Djavax.net.debug = SSL，的KeyManager

的的storetype應根據證書文件導入有用的帖子 - Java Exception on SSLSocket creation

來源

2015-06-09 12:48:48

trustStoreType應該是什麼？ pkcs12或jks？ – Scooby

它應該是默認的jks - http://docs.oracle.com/javase/6/docs/technotes/guides/security/jsse/JSSERefGuide.html#Customization –

但它應該取決於您的證書文件格式 - https ：//docs.oracle.com/cd/E29585_01/PlatformServices.61x/security/src/tsec_ssl_jsp_pkcs12.html –

您必須將CA證書首先導入到密鑰庫中，然後通過密鑰庫中的「javax.net.ssl.trustStore中」。將證書導入密鑰庫：https://docs.oracle.com/javase/8/docs/technotes/tools/unix/keytool.html#keytool_option_importcert。

此外，您設置系統屬性的方式不一致 - System.setProperties(systemProps)似乎覆蓋您在其上方的行中設置的屬性。

來源

2015-06-09 12:53:01 vempo

謝謝，讓我試試。 – Scooby

使用httpClient和cert.em發送https請求

回答

相關問題