How to use Play WS with SSL?

前端 未结 3 1680
无人及你
无人及你 2021-02-10 07:13

My Java client application needs to do REST calls. I was instructed to use Play\'s WS implementation. Currently, I have this:

AsyncHttpClientConfig.Builder build         


        
相关标签:
3条回答
  • 2021-02-10 07:30
    1. Make sure you have added your Certificate to your trust-store like this:

    keytool -import -trustcacerts -keystore {JAVA_HOME}/jre/lib/security/cacerts -noprompt -alias -file {CORRECT_PATH}/what_ever.crt

    1. If still the problem exists, set the path directly by setting java parameters in your execution command line like this:

    -Djavax.net.ssl.trustStore={JAVA_HOME}/jre/lib/security/cacerts

    0 讨论(0)
  • 2021-02-10 07:32

    Its not possible directly with WS. Play docs says : "WS does not support client certificates (aka mutual TLS / MTLS / client authentication). You should set the SSLContext directly in an instance of AsyncHttpClientConfig and set up the appropriate KeyStore and TrustStore."

    You could do something like this maybe:

    KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory
            .getDefaultAlgorithm());
    KeyStore keyStore = KeyStore.getInstance("pkcs12");
    InputStream inputStream = new FileInputStream("YOUR.p12");
    
    keyStore.load(inputStream, "Your password as char[]");
    keyManagerFactory.init(keyStore, "Your password as char[]");
    
    SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
    sslContext.init(keyManagerFactory.getKeyManagers(), null,new SecureRandom());
    AsyncHttpClientConfig httpClientConfig = new AsyncHttpClientConfig.Builder().setSSLContext(sslContext).build();
    AsyncHttpClient httpClient = new AsyncHttpClient(httpClientConfig);
    
    0 讨论(0)
  • 2021-02-10 07:36

    You want to use the parser. See https://www.playframework.com/documentation/2.3.x/KeyStores for details about the configuration.

    val config = play.api.Configuration(ConfigFactory.parseString("""
                                  |trustManager = {
                                  |  stores = [
                                  |    { type: "pkcs12", path: "/path/to/pkcs12/file", password: "foo" }
                                  |  ]
                                  |}
                                """.stripMargin))
    val parser = new DefaultSSLConfigParser(config, app.classloader)
    val sslConfig = parser.parse()
    
    val clientConfig = new DefaultWSClientConfig(sslConfig = sslConfig)
    val secureDefaults = new NingAsyncHttpClientConfigBuilder(clientConfig).build()
    val builder = new AsyncHttpClientConfig.Builder(secureDefaults)
    val wsc = new play.libs.ws.ning.NingWSClient(builder.build());
    val holder = wsc.url("http://www.simpleweb.org/");
    
    0 讨论(0)
提交回复
热议问题