我正在使用eclipse,在尝试执行此函数时,我遇到了以下错误。
我想发送一个GET请求以及证书和密钥。我可以下载任何格式的证书,所以这不是问题。我知道我需要将此添加到javakeystone中,但在尝试了各种建议后,我仍然无法解决此问题。
public String sendGET(String GET_URL, String authStringEnc) throws IOException {
try {
KeyStore ks = KeyStore.getInstance("JKS");
FileInputStream fis = new FileInputStream("src/com/resources/ece-cyberark-cert.jks");
ks.load(fis, "5<@7wBj[Ht()~GRf".toCharArray());
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
kmf.init(ks, "5<@7wBj[Ht()~GRf".toCharArray());
SSLContext sc = SSLContext.getInstance("TLS");
sc.init(kmf.getKeyManagers(), null, null);
URL obj = new URL(GET_URL);
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
if (con instanceof HttpsURLConnection) {
((HttpsURLConnection)con)
.setSSLSocketFactory(sc.getSocketFactory());
}
con.setRequestMethod("GET");
con.setRequestProperty("User-Agent", USER_AGENT);
con.setRequestProperty("Authorization", "Basic " + authStringEnc);
con.setRequestProperty("Content-Type", "application/json");
int responseCode = con.getResponseCode();
System.out.println("GET Response Code :: " + responseCode + " :: " + GET_URL);
if (responseCode == HttpURLConnection.HTTP_OK) { // success
BufferedReader in = new BufferedReader(new InputStreamReader(
con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
con.disconnect();
// print result
return response.toString();
} else {
// return failed requests response code
return "GET request not worked :: GET Response Code :: " + responseCode + " :: + GET_URL";
}
} catch (Exception e) {
e.printStackTrace();
return "Exceptionn";
}
}
以下是错误-
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1946)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:316)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:310)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1639)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:223)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1037)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:965)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1064)
密钥管理器用于向HTTP服务器验证HTTP客户端。但首先,信任管理器用于对服务器进行身份验证。如果服务器的证书在运行时的默认";信任锚";,您需要显式地提供正确的根证书。
KeyStore trusted = ...; /* Initialize a trust store containing the non-standard CA. */
TrustManagerFactory tmf = TrustManagerFactory.getInstance("PKIX");
tmf.init(trusted);
SSLContext sc = SSLContext.getInstance("TLS");
sc.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
...
如果不打算使用TLS客户端身份验证,则应删除所有与KeyManager相关的初始化。