SSLHandshakeException JAVA:使用密钥和证书文件

时间:2018-01-22 09:47:49

标签: java ssl openssl java-security

我有一个证书文件及其密钥。 使用这两个我能够使用postman成功调用给定的服务api。

现在我正在尝试编写一个应该使用这两个并调用API的客户端。在编写java代码之前,使用openssl使用现有的cert文件及其相应的密钥创建了一个pfx文件。经过一些示例之后over internet / stackoverflow:

private static String trustStorePath = "/Library/Java/JavaVirtualMachines/jdk1.8.0_144.jdk/Contents/Home/jre/lib/security/cacerts";
private static final String trustStorePassword = "changeit";
private static final String keyStoreFile = "/pathTocert/mycert.pfx";
private static final String keyStorePassword = "changeit";

public static SSLSocketFactory enableSSL() {
    SSLContext context = null;
    InputStream keyInput = null, truststream = null, certInput = null;

    KeyStore trustks;
    try {

        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        keyInput =  new FileInputStream(new File(keyStoreFile));


        keyStore.load(keyInput, keyStorePassword.toCharArray());
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
        keyManagerFactory.init(keyStore, keyStorePassword.toCharArray());

        trustks = KeyStore.getInstance("JKS");
        File trustcert = new File(trustStorePath);
        truststream = new FileInputStream(trustcert);
        trustks.load(truststream, trustStorePassword.toCharArray());
        truststream.close();

        TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
        tmf.init(trustks);

        context = SSLContext.getInstance("TLS");
        context.init(keyManagerFactory.getKeyManagers(), tmf.getTrustManagers(), new SecureRandom());

        return context.getSocketFactory();

    } catch (KeyStoreException e) {

        e.printStackTrace();
    } catch (IOException e) {

        e.printStackTrace();
    } catch (NoSuchAlgorithmException e) {

        e.printStackTrace();
    } catch (CertificateException e) {

        e.printStackTrace();
    } catch (UnrecoverableKeyException e) {

        e.printStackTrace();
    } catch (KeyManagementException e) {

        e.printStackTrace();
    }
    return null;

}

在我的main方法中执行后,我正在设置SSLSocketFactory并进行https调用:

            URL myUrl = new URL(httpsURL);
            SSLSocketFactory sslSocketFactory = enableSSL();
             HttpsURLConnection conn = (HttpsURLConnection)myUrl.openConnection();

            conn.setSSLSocketFactory(sslSocketFactory);

             InputStream is = conn.getInputStream();
             InputStreamReader isr = new InputStreamReader(is);
             BufferedReader br = new BufferedReader(isr);

             String inputLine;

                while ((inputLine = br.readLine()) != null) {
                    System.out.println(inputLine);
                }

                br.close();

我是Java安全库的新手,我坚持使用

  

javax.net.ssl.SSLHandshakeException:   sun.security.validator.ValidatorException:没有可信证书   结果

我已经尝试了一些步骤,例如在JDK的cacerts中安装pfx或更改URL上给出的代码

How to connect to a secure website using SSL in Java with a pkcs12 file?

但是到目前为止我还没有任何工作。我将非常感谢您的帮助。如果需要更多信息,请写评论。

0 个答案:

没有答案