Bootstrap
登录 注册

如何使用带有 ssl 证书的 https 客户端调用 apis 表单 java

apisslhttpsssl-certificatehttpclient
发布时间:2021-02-26 15:35

我正在使用 HttpClient 从 java 文件调用 rest api。通过使用它,我可以调用 http api 但不能调用 https api。

我在调用 httpsapi 时遇到以下错误。

**javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
        at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1946)
        at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:316)
        at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:310)
        at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1639)
        at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:223)
        at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1037)
        at sun.security.ssl.Handshaker.process_record(Handshaker.java:965)
        at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1064)
        at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1367)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1395)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1379)**

我想使用 CloseableHttpClient 调用 https api。

我有包含私钥的证书文件。 请告诉我如何使用此私钥调用 api。

回答1

要使用 https 调用 API,您需要配置 SSLContext 并将其设置为您的 HttpClient。请参阅下面的示例代码。这只是示例,您可以从类路径、表单文件系统等不同的方式加载密钥库和信任库,并进行相应的更改。

    KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());

    KeyStore identity = KeyStore.getInstance(KeyStore.getDefaultType());
    TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    trustManagerFactory.init(trustStore);
    KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
    keyManagerFactory.init(identity, "password".toCharArray());
    SSLContext sslContext = SSLContext.getInstance("TLSv1.3");
    sslContext.init(
        keyManagerFactory.getKeyManagers(), 
        trustManagerFactory.getTrustManagers(), 
        null
    );
    HttpClient httpClient = HttpClients.custom()
            .setSSLContext(sslContext)
            .setSSLHostnameVerifier(new DefaultHostnameVerifier())
            .build();
api 相关推荐
ssl 相关推荐
https 相关推荐
ssl-certificate 相关推荐
httpclient 相关推荐