【发布时间】:2018-12-12 14:49:40
【问题描述】:
所以我试图从我的 Java 代码访问 HTTPS 服务器,但由于本地主机和服务器之间的 SSL 握手问题,我无法访问。我尝试访问的服务器具有私人证书颁发机构颁发的有效证书。
所以经过一些研究后,我将 CA 根证书导入了 JVM 信任库。我使用 keytool 命令如下将证书导入 JRE。 keytool -import -alias mycertificate -keystore ..\lib\security\cacerts -file c:\mycert.cer
public static void main (String[]args) {
try {
// Open a secure connection.
URL url = new URL("*****");
HttpsURLConnection con = (HttpsURLConnection)url.openConnection();
// Set up the connection properties
con.setRequestProperty( "Connection", "close" );
con.setDoInput(true);
con.setDoOutput(true);
con.setUseCaches(false);
con.setConnectTimeout( 30000 );
con.setReadTimeout( 30000 );
con.setRequestProperty("Accept","application/json");
con.setRequestProperty( "Content-Type","application/x-www-form- urlencoded");
con.setRequestMethod("POST");
// Set up the user authentication portion of the handshake with the private
File pKeyFile = new File("C:/cert.p12");
String pKeyPassword = "xxxx";
TrustManagerFactory tmf= TrustManagerFactory.getInstance("SunX509");
KeyStore keyStore = KeyStore.getInstance("PKCS12");
InputStream keyInput = new FileInputStream(pKeyFile);
keyStore.load(keyInput, pKeyPassword.toCharArray());
keyInput.close();
tmf.init(keyStore);
SSLContext context = SSLContext.getInstance("SSL");
context.init(null, tmf.getTrustManagers(), new SecureRandom());
SSLSocketFactory sockFact = context.getSocketFactory();
con.setSSLSocketFactory( sockFact );
// Send the request
OutputStream outputStream = con.getOutputStream();
OutputStreamWriter osw = new OutputStreamWriter(outputStream, "UTF-8");
osw.write("grant_type=client_credentials&scope=sc0:fal");
osw.flush();
osw.close();
// Check for errors
int responseCode = con.getResponseCode();
System.out.println("POST Response Code :: " + responseCode);
InputStream inputStream;
if (responseCode == HttpURLConnection.HTTP_OK) {
//success
inputStream = con.getInputStream();
} else {
inputStream = con.getErrorStream();
}
// Process the response
BufferedReader reader;
String line = null;
reader = new BufferedReader( new InputStreamReader( inputStream ) );
while( ( line = reader.readLine() ) != null )
{
System.out.println( line );
//reader.append(line);
}
inputStream.close();
} catch (Exception e) { e.printStackTrace(); }
}
错误:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found
at sun.security.ssl.Alerts.getSSLException(Unknown Source)
at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)
at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
at sun.security.ssl.Handshaker.processLoop(Unknown Source)
at sun.security.ssl.Handshaker.process_record(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream0(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(Unknown Source)
任何帮助或帮助将不胜感激,谢谢
【问题讨论】:
-
你找到解决办法了吗?
标签: java rest authentication ssl-certificate truststore