因此,我正在尝试使用HttpClient 4.5.3向PuppetDB端点发出SSL请求,该端点使用自己的证书进行签名。来自docs的以下cUrl查询工作正常:
curl -X GET https://hostname:8081/pdb/query/v4/resources \
--tlsv1 \
--cacert /etc/puppetlabs/puppet/ssl/certs/ca.pem \
--cert /etc/puppetlabs/puppet/ssl/certs/hostname.pem \
--key /etc/puppetlabs/puppet/ssl/private_keys/hostname.pem \
--data-urlencode query@query.txt
我尝试了文档here,但这不起作用。我在网上找到的大多数例子都是HttpClient< 4.3,并且所有这些方法都已弃用。我尝试使用以下所有证书:
SSLContextBuilder sshbuilder = new SSLContextBuilder();
sshbuilder.loadTrustMaterial(null, new TrustSelfSignedStrategy());
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sshbuilder.build());
try(CloseableHttpClient httpclient = HttpClients.custom()
.setSSLSocketFactory(sslsf)
.build()) {
HttpGet get = new HttpGet(uri);
httpclient.execute(get, (ResponseHandler<Void>) response -> {
StatusLine line = response.getStatusLine();
int code = line.getStatusCode();
logger.println("Response code: " + code);
return null;
});
}
返回:
Executor #0 for master : executing test #44, WRITE: TLSv1 Handshake, length = 48
Executor #0 for master : executing test #44, received EOFException: error
Executor #0 for master : executing test #44, handling exception: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
%% Invalidated: [Session-1, TLS_RSA_WITH_AES_128_CBC_SHA]
Executor #0 for master : executing test #44, SEND TLSv1 ALERT: fatal, description = handshake_failure
Executor #0 for master : executing test #44, WRITE: TLSv1 Alert, length = 32
Executor #0 for master : executing test #44, called closeSocket()
javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
任何帮助都会很棒。谢谢!