MasterCard使用2格OAuth。准备好OAuth有效负载后,我将其添加到Authorization密钥中的头中。然后需要将请求与证书一起发送。我在这一步出错了。
我已经根据上提供的示例代码编写了代码https://developer.mastercard.com/portal/display/api/Locations+-+样本+代码
和样本密钥,可在https://developer.mastercard.com/portal/display/api/OAuth+验证,
我生成SSL证书所遵循的步骤:
1. Open the Firefox browser and enter the URL : https://sandbox.api.mastercard.com
2. Click on the lock icon on the bottom of the browser.
3. Click on View Certificate
4. Click on the Details tab
5. Under "Certificate Hierarchy", click on the issuing CA (beside the arrow)
6. Click on Export..
7. Save the .PEM file (suppose with "openapi-sandbox.pem").
8. Then using Java's keytool, Load this into a JKS keystore using a command like this:
keytool -import -alias openapi-samplecode-ssl-cert -file openapi-sandbox.pem -keystore openapi-samplecode.jks
准备请求的代码
URL url = new URL(httpsURL);
con = (HttpsURLConnection) url.openConnection();
con.setRequestMethod(method);
con.setSSLSocketFactory(getSocketFactory());
con.setDoOutput(true);
con.setDoInput(true);
con.addRequestProperty("Authorization", buildAuthHeaderString(params));
以及处理证书文件的功能
private SSLSocketFactory getSocketFactory()
{
KeyStore ks = KeyStore.getInstance("JKS");
// get user password and file input stream
char[] password = "prince".toCharArray();
ClassLoader cl = this.getClass().getClassLoader();
String location = "D:\DEV_HOME\openapi-samplecode6.jks";
// String location = "openapi-samplecode1.jks";
System.out.println("location =" + location );
InputStream stream = cl.getResourceAsStream(location);
ks.load(stream, password);
// stream.close();
SSLContext sc = SSLContext.getInstance("TLS");
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
kmf.init(ks, password);
tmf.init(ks);
sc.init(kmf.getKeyManagers(), tmf.getTrustManagers(),null);
return sc.getSocketFactory();
}
提前感谢您抽出时间。:)
错误消息
javax.net.ssl.ssl握手异常:sun.security.validator.ValidatorException:没有可信证书建立位于sun.security.ssl.Alerts.getSSLException(未知源)位于sun.security.ssl.SSLSocketImpl.fatal(未知源)位于sun.security.ssl.Handshaker.totalSE(未知来源)位于sun.security.ssl.Handshaker.totalSE(未知来源)位于sun.security.ssl.ClientHandshaker.serverCertificate(未知源)位于sun.security.ssl.ClientHandshaker.processMessage(未知源)位于sun.security.ssl.Handshaker.processLoop(未知源)位于sun.security.ssl.Handshaker.process_record(未知源)位于sun.security.ssl.SSLSocketImpl.readRecord(未知源)在sun.security.ssl.SSLSocketImpl.performInitialHandshake(未知源)位于sun.security.ssl.SSLSocketImpl.startHandshake(未知源)位于sun.security.ssl.SSLSocketImpl.startHandshake(未知源)网址:sun.net www.protocol.https.HttpsClient.afterConnect(未知来源)网址:sun.net www.protocol.https.AbstractDelegateHttpsURLConnection.connect(未知来源)网址:sun.net www.protocol.httpsURLConnection Impl.connect(未知来源)在mypack上。MasterCardDemo.createOpenAPIConnection(MasterCardDemo.java:183)在mypack上。MasterCardDemo.main(MasterCardDemon.java:64)由以下原因引起:sun.security.validator.ValidatorException:没有可信证书建立在sun.security.validator.SimpleValidator.buildTrustedChain(未知来源)在sun.security.validator.SimpleValidator.engineValidate(未知源)在sun.security.validator.validate(未知源)位于sun.security.ssl.X509TrustManagerImpl.validate(未知源)位于sun.security.ssl.X509TrustManagerImpl.checkTrusted(未知源)位于sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(未知来源)
这实际上是一个SSL问题,与万事达卡的OAuth几乎没有关系。您需要说服Java信任上的SSL证书https://api.mastercard.com.您将OAuth证书放在信任存储中,而不是MasterCard证书中。比将密钥放在信任存储器中更好的解决方案是信任根CA。在Java中,您可以使用默认的套接字因子来实现这一点。替换此代码:
con.setSSLSocketFactory(getSocketFactory());
有了这个:
con.setSSLSocketFactory((SSLSocketFactory)SSLSocketFactory.getDefault());