发表新帖
发表新帖

SSL certificate problem in a web service proxy

前端 未结
关注
3 2022
梦毁少年i
梦毁少年i 2021-01-22 15:12

I am building a JAVA web service client in which i connect to a service.

This service has a ssl certificate verification.

How to call this service using ssl cert

相关标签:
3条回答
  • 梦毁少年i
    2021-01-22 15:35

    You mean your web service is protected with a "client certificate"? If yes, get the certificate in either a .p12 (PFX) or keystore format from the service provider and use the following System properties to set it before your call:

    javax.net.ssl.keyStore - Path to the keystore on your server

    javax.net.ssl.keyStorePassword - passphrase for that keystore

    javax.net.ssl.keyStoreType - Set it to "pkcs12" is the client certificate provided to you is .p12

    If you application is client to only one web service provider, set these properties as VM arguments, if not, you may need to create specific SSLConnectionFactory for each secured endpoint. Refer to my response on this post for details on creating custom SSL Socket Factories.

    0 讨论(0)
  • 无人及你
    2021-01-22 15:48

    I am able to do the web service connection...

    I added the key store using the command:

    keytool -import -trustcacerts -file <file path/filename.cer> -alias <aliasName> -keystore <JAVA_HOME/jre/lib/security/cacerts>

    gave the password as "changeit" and added the certificate in keystore.

    Now in code i added two lines:

    System.setProperty("javax.net.ssl.trustStore", "<JAVA_HOME>/jre/lib/security/cacerts");
System.setProperty("javax.net.ssl.trustStorePassword", "changeit");

    also added 

    _call.setUsername("username");
_call.setPassword("password");

    where _call is the call object of Call Class.

    And it worked!!!!!!

    0 讨论(0)
  • 南笙
    2021-01-22 15:50

    All you need to do is injecting the server root certificate to your JDK/JRE environments by using the following command line: -

    keytool -importcerts -trustcacerts -file <path_to_root_cer_file> -alias <the_server_alias> -keystore <your_keystore>

    The default [your_keystore] is

     1. <JDK_HOME>/jre/lib/security/cacerts
 2. <JRE_HOME>/lib/security/cacerts

    The default password is changeit.

    When you call the web service, just mention the 

    "https://<host>:<SSL_port>/Path/To/Services"

    I hope this may help to achieve your requirement.

    Regards,

    Charlee Ch.

    0 讨论(0)
 看不清?
提交回复
热议问题