我在我的 spring boot 应用程序中进行了集成测试,一些测试需要从 Keycloak 获取 token 。每次通信都通过带有自签名证书的 SSL。
启动这些测试时我遇到了异常:
SunCertPathBuilderException: unable to find valid certification path to requested target
问题似乎类似于 Accept server's self-signed ssl certificate in Java client但此解决方案对我不起作用。
这是我获得 token 的地方:
private AccessTokenResponse getToken() throws GeneralSecurityException {
Keycloak keycloak = Keycloak.getInstance(keycloakAuthServerUrl, keycloakRealm,
login, password, keycloakResource, keycloakCredentialsSecret);
return keycloak.tokenManager().getAccessToken();
}
最佳答案
如 Accept server's self-signed ssl certificate in Java client 中的建议,创建自定义信任管理器:
import javax.net.ssl.X509TrustManager;
public class TestTrustManager implements X509TrustManager {
@Override
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return new java.security.cert.X509Certificate[0];
}
@Override
public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) {
}
@Override
public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) {
}
}
然后将其添加到 key 斗篷“构造函数”中:
private AccessTokenResponse getToken() throws GeneralSecurityException {
// Install the all-trusting trust manager
SSLContext sslContext = SSLContext.getInstance("SSL");
sslContext.init(null, new TrustManager[] { new TestTrustManager() }, new java.security.SecureRandom());
Keycloak keycloak = Keycloak.getInstance(keycloakAuthServerUrl, keycloakRealm,
login, password, keycloakResource, keycloakCredentialsSecret, sslContext); // <--- !!! ADD IT HERE !!!
return keycloak.tokenManager().getAccessToken();
}
关于spring-boot - 无法找到请求目标的有效证书路径 - Keycloak - Springboot - 自签名证书 - 测试,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/54647227/