使用Apache httpclient:JAVA的双向SSL身份验证不起作用
在JAVA中使用ApacheHttpClient进行双向SSL身份验证(证书是自签名的)对我不起作用。我从服务器收到错误证书致命错误。我查看了wireshark中捕获的pcap,发现客户端并没有发送它的证书。这是我到目前为止所做的,非常感谢您的帮助 使用keytool生成的密钥库和信任库:使用Apache httpclient:JAVA的双向SSL身份验证不起作用,java,apache,ssl,https,apache-httpclient-4.x,Java,Apache,Ssl,Https,Apache Httpclient 4.x,在JAVA中使用ApacheHttpClient进行双向SSL身份验证(证书是自签名的)对我不起作用。我从服务器收到错误证书致命错误。我查看了wireshark中捕获的pcap,发现客户端并没有发送它的证书。这是我到目前为止所做的,非常感谢您的帮助 使用keytool生成的密钥库和信任库: keytool -importcert -file /home/foo/server.crt -alias server_cert -keystore /home/foo/ca_truststore.jks
keytool -importcert -file /home/foo/server.crt -alias server_cert -keystore /home/foo/ca_truststore.jks -noprompt -storepass foo
openssl pkcs12 -export -in /home/foo/client.crt -inkey /home/foo/client_private_key.pem -out /home/foo/client.p12 -name client_cert -passout pass:foo
keytool -importkeystore -deststorepass foo -destkeypass foo -destkeystore /home/foo/client_keystore.jks -srckeystore /home/foo/client.p12 -srcstoretype PKCS12 -srcstorepass foo -alias client_cert
使用这些JVM设置启动tomcat7
JAVA_OPTS="-Djava.awt.headless=true -Xmx512m -XX:+UseConcMarkSweepGC -Djavax.net.ssl.trustStore=/home/foo/ca_truststore.jks -Djavax.net.ssl.trustStorePassword=foo -Djavax.net.ssl.trustStoreType=JKS -Djavax.net.ssl.keyStore=/home/foo/client_keystore.jks -Djavax.net.ssl.keyStorePassword=foo -Djavax.net.ssl.keyStoreType=JKS"
在我的JAVA应用程序代码中,我查询了trustStore和keyStore的系统属性,我可以看到它们与我上面设置的值相同
这是我的密码:
import org.apache.http.HttpEntity;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;
CloseableHttpClient httpclient = HttpClients.createDefault();
String url = "https://x.x.x.x";
String data = "something to send";
String authStringEnc = "This is Base 64 encoded userid:pwd";
try {
HttpPost request = new HttpPost(url);
StringEntity params = new StringEntity(data.toString());
request.setHeader("Authorization", "Basic " + authStringEnc);
request.addHeader("content-type", "application/json");
request.addHeader("Accept","application/json");
request.setEntity(params);
CloseableHttpResponse response = httpclient.execute(request);
try {
HttpEntity entity = response.getEntity();
if (entity != null) {
System.out.println("Response content length: " + entity.getContentLength());
}
EntityUtils.consume(entity);
} finally {
response.close();
}
}
我得到的例外:
默认情况下,HttpClient不考虑系统属性 试着替换
CloseableHttpClient httpclient = HttpClients.createDefault();
与
默认情况下,HttpClient不考虑系统属性 试着替换
CloseableHttpClient httpclient = HttpClients.createDefault();
与
默认情况下,HttpClient不考虑系统属性 试着替换
CloseableHttpClient httpclient = HttpClients.createDefault();
与
默认情况下,HttpClient不考虑系统属性 试着替换
CloseableHttpClient httpclient = HttpClients.createDefault();
与