Ssl apache httpclient pfx文件
我正在使用ApacheHttpClient 4.5.3和ApacheHttpCore 4.4.6。我需要通过执行POST调用来调用SOAP WS 他们给了我一张pfx证书。我通过配置soapui在soapui中使用了它,所有的工作都非常好。我可以调用WS,它会给我一个响应。所以证书是有效的 现在,我正在尝试配置ApacheHttpClient来执行相同的操作。下面是我写的代码:Ssl apache httpclient pfx文件,ssl,apache-httpclient-4.x,Ssl,Apache Httpclient 4.x,我正在使用ApacheHttpClient 4.5.3和ApacheHttpCore 4.4.6。我需要通过执行POST调用来调用SOAP WS 他们给了我一张pfx证书。我通过配置soapui在soapui中使用了它,所有的工作都非常好。我可以调用WS,它会给我一个响应。所以证书是有效的 现在,我正在尝试配置ApacheHttpClient来执行相同的操作。下面是我写的代码: KeyStore clientStore = KeyStore.getInstance("PKCS12"); In
KeyStore clientStore = KeyStore.getInstance("PKCS12");
InputStream instream = Thread.currentThread().getContextClassLoader().getResourceAsStream(keystoreName);
try {
clientStore.load(instream, keyStorePwd.toCharArray());
} finally {
instream.close();
}
SSLContext sslCtx = SSLContext.getDefault();
SSLConnectionSocketFactory sslConnectionFactory = new SSLConnectionSocketFactory(sslCtx);
Registry<ConnectionSocketFactory> registry = RegistryBuilder.<ConnectionSocketFactory>create().register("https", sslConnectionFactory).register("http", new PlainConnectionSocketFactory()).build();
PoolingHttpClientConnectionManager pcm = new PoolingHttpClientConnectionManager(registry);
HttpClientBuilder hcb = HttpClientBuilder.create();
hcb.setConnectionManager(pcm);
CloseableHttpClient httpClient = hcb.build();
keystoreclientstore=KeyStore.getInstance(“PKCS12”);
InputStream instream=Thread.currentThread().getContextClassLoader().getResourceAsStream(keystoreName);
试一试{
load(instream,keystrepwd.toCharArray());
}最后{
流内关闭();
}
SSLContext sslCtx=SSLContext.getDefault();
SSLConnectionSocketFactory sslConnectionFactory=新的SSLConnectionSocketFactory(sslCtx);
Registry Registry=RegistryBuilder.create().register(“https”,sslConnectionFactory).register(“http”,new PlainConnectionSocketFactory()).build();
PoolightPClientConnectionManager pcm=新的PoolightPClientConnectionManager(注册表);
HttpClientBuilder hcb=HttpClientBuilder.create();
设置连接管理器(pcm);
CloseableHttpClient httpClient=hcb.build();
安杰洛我想我错过了什么。我在这里发布我的解决方案,希望它能有用 基本上我错了,因为我没有仔细配置SSLContext 我必须仔细配置它 这是我写的:
KeyStore clientStore = KeyStore.getInstance("PKCS12");
InputStream instream = Thread.currentThread().getContextClassLoader().getResourceAsStream(keystoreName);
try {
clientStore.load(instream, keyStorePwd.toCharArray());
} finally {
instream.close();
}
//Trust everybody
X509TrustManager tm = new X509TrustManager() {
@Override
public void checkClientTrusted(java.security.cert.X509Certificate[] arg0, String arg1) throws CertificateException {}
@Override
public void checkServerTrusted(java.security.cert.X509Certificate[] arg0, String arg1) throws CertificateException {}
@Override
public java.security.cert.X509Certificate[] getAcceptedIssuers() {return null;}
};
SSLContext sslCtx = SSLContext.getInstance("TLS");
KeyManagerFactory kmfactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
kmfactory.init(clientStore, keyStorePwd != null ? keyStorePwd.toCharArray() : null);
KeyManager[] keymanagers = kmfactory.getKeyManagers();
sslCtx.init(keymanagers, new TrustManager[]{tm}, null);
SSLConnectionSocketFactory sslConnectionFactory = new SSLConnectionSocketFactory(sslCtx);
Registry<ConnectionSocketFactory> registry = RegistryBuilder.<ConnectionSocketFactory>create().register("https", sslConnectionFactory).register("http", new PlainConnectionSocketFactory()).build();
PoolingHttpClientConnectionManager pcm = new PoolingHttpClientConnectionManager(registry);
HttpClientBuilder hcb = HttpClientBuilder.create();
hcb.setConnectionManager(pcm);
CloseableHttpClient httpClient = hcb.build();
keystoreclientstore=KeyStore.getInstance(“PKCS12”);
InputStream instream=Thread.currentThread().getContextClassLoader().getResourceAsStream(keystoreName);
试一试{
load(instream,keystrepwd.toCharArray());
}最后{
流内关闭();
}
//相信每一个人
X509TrustManager tm=新的X509TrustManager(){
@凌驾
public void checkClientTrusted(java.security.cert.X509Certificate[]arg0,字符串arg1)抛出CertificateException{}
@凌驾
public void checkServerTrusted(java.security.cert.X509Certificate[]arg0,字符串arg1)抛出CertificateException{}
@凌驾
public java.security.cert.X509Certificate[]getAcceptedIssuers(){return null;}
};
SSLContext sslCtx=SSLContext.getInstance(“TLS”);
KeyManagerFactory kmfactory=KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
init(clientStore,keystrepwd!=null?keystrepwd.toCharArray():null);
KeyManager[]keymanagers=kmfactory.getKeyManagers();
init(keymanagers,newtrustmanager[]{tm},null);
SSLConnectionSocketFactory sslConnectionFactory=新的SSLConnectionSocketFactory(sslCtx);
Registry Registry=RegistryBuilder.create().register(“https”,sslConnectionFactory).register(“http”,new PlainConnectionSocketFactory()).build();
PoolightPClientConnectionManager pcm=新的PoolightPClientConnectionManager(注册表);
HttpClientBuilder hcb=HttpClientBuilder.create();
设置连接管理器(pcm);
CloseableHttpClient httpClient=hcb.build();