我使用的是 apache httpclient 4.5.3 和 apache httpcore 4.4.6。我需要通过执行 POST 调用来调用 SOAP WS
他们给了我一个 pfx 证书。我通过配置 SOAP UI 在 SOAP UI 中使用它,一切都很好。我可以调用 WS,它会给我一个响应。所以证书是有效的
现在我正在尝试配置 apache httpclient 来做同样的事情。这是我写的代码:
KeyStore clientStore = KeyStore.getInstance("PKCS12");
InputStream instream = Thread.currentThread().getContextClassLoader().getResourceAsStream(keystoreName);
try {
clientStore.load(instream, keyStorePwd.toCharArray());
} finally {
instream.close();
}
SSLContext sslCtx = SSLContext.getDefault();
SSLConnectionSocketFactory sslConnectionFactory = new SSLConnectionSocketFactory(sslCtx);
Registry<ConnectionSocketFactory> registry = RegistryBuilder.<ConnectionSocketFactory>create().register("https", sslConnectionFactory).register("http", new PlainConnectionSocketFactory()).build();
PoolingHttpClientConnectionManager pcm = new PoolingHttpClientConnectionManager(registry);
HttpClientBuilder hcb = HttpClientBuilder.create();
hcb.setConnectionManager(pcm);
CloseableHttpClient httpClient = hcb.build();
通过尝试此代码,我无法成功调用 WS。我确定我遗漏了什么,但我找不到我遗漏的东西
有人可以建议我如何进行吗?
谢谢 安杰洛
最佳答案
我想出了我错过了什么。我在这里发布我的解决方案,希望它有用
基本上我错了,因为我没有仔细配置 SSLContext 我必须仔细配置它。
这是我写的:
KeyStore clientStore = KeyStore.getInstance("PKCS12");
InputStream instream = Thread.currentThread().getContextClassLoader().getResourceAsStream(keystoreName);
try {
clientStore.load(instream, keyStorePwd.toCharArray());
} finally {
instream.close();
}
//Trust everybody
X509TrustManager tm = new X509TrustManager() {
@Override
public void checkClientTrusted(java.security.cert.X509Certificate[] arg0, String arg1) throws CertificateException {}
@Override
public void checkServerTrusted(java.security.cert.X509Certificate[] arg0, String arg1) throws CertificateException {}
@Override
public java.security.cert.X509Certificate[] getAcceptedIssuers() {return null;}
};
SSLContext sslCtx = SSLContext.getInstance("TLS");
KeyManagerFactory kmfactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
kmfactory.init(clientStore, keyStorePwd != null ? keyStorePwd.toCharArray() : null);
KeyManager[] keymanagers = kmfactory.getKeyManagers();
sslCtx.init(keymanagers, new TrustManager[]{tm}, null);
SSLConnectionSocketFactory sslConnectionFactory = new SSLConnectionSocketFactory(sslCtx);
Registry<ConnectionSocketFactory> registry = RegistryBuilder.<ConnectionSocketFactory>create().register("https", sslConnectionFactory).register("http", new PlainConnectionSocketFactory()).build();
PoolingHttpClientConnectionManager pcm = new PoolingHttpClientConnectionManager(registry);
HttpClientBuilder hcb = HttpClientBuilder.create();
hcb.setConnectionManager(pcm);
CloseableHttpClient httpClient = hcb.build();
现在一切正常
谢谢
安杰洛
关于ssl - apache httpclient pfx 文件,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/44493040/