Я пытаюсь подключиться к конечной точке API из проекта maven.
Со стороны сервера они поделились со мной файлами:
privatekey.key
certificate.crt
intermediate_rapidssl.crt
ca_geotrust_global.crt
Я использую следующие команды длясоздать файл .jks
openssl pkcs12 -export -out clave.P12 -name mycertificate -inkey privatekey.key -in certificate.crt -CAfile intermediate_rapidssl.crt -caname issuer -CAfile ca_geotrust_global.crt -caname root
keytool -importkeystore -srckeystore clave.p12 -srcstoretype pkcs12 -destkeystore clave.jks -deststoretype JKS
Затем в проекте maven я использовал следующий класс, отправляющий путь к файлу clave.jks:
public class SSLCliAuthExample3 {
private static final Logger LOG = Logger.getLogger(SSLCliAuthExample3.class.getName());
private static final String CA_KEYSTORE_TYPE = KeyStore.getDefaultType(); //"JKS";
private static final String CA_KEYSTORE_PATH = "/<path>/clave.jks";
private static final String CA_KEYSTORE_PASS = "111111";
public static void main(String[] args) throws Exception {
requestTimestamp();
}
public final static void requestTimestamp() throws Exception {
SSLConnectionSocketFactory csf = new SSLConnectionSocketFactory(
createSslCustomContext(),
new String[]{"TLSv1"}, // Allow TLSv1 protocol only
null,
SSLConnectionSocketFactory.getDefaultHostnameVerifier());
try (CloseableHttpClient httpclient = HttpClients.custom().setSSLSocketFactory(csf).build()) {
HttpGet req = new HttpGet("https://<host>/getdata?startTimestamp=2018-08-01T14:32:46.805&endTimestamp=2018-08-01T14:50:04.380");
req.setConfig(configureRequest());
try {
HttpResponse response = httpclient.execute(req);
HttpEntity entity = response.getEntity();
} catch (IOException e) {
e.printStackTrace();
}
}
}
public static RequestConfig configureRequest() {
HttpHost proxy = new HttpHost("<host>", <port>, "https");
RequestConfig config = RequestConfig.custom()
.setProxy(proxy)
.build();
return config;
}
public static SSLContext createSslCustomContext() throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, KeyManagementException, UnrecoverableKeyException {
// Trusted CA keystore
KeyStore tks = KeyStore.getInstance(CA_KEYSTORE_TYPE);
tks.load(new FileInputStream(CA_KEYSTORE_PATH), CA_KEYSTORE_PASS.toCharArray());
SSLContext sslcontext = SSLContexts.custom()
.loadTrustMaterial(tks, new TrustSelfSignedStrategy()) // use it to customize
//.loadKeyMaterial(cks, CLIENT_KEYSTORE_PASS.toCharArray()) // load client certificate
.build();
return sslcontext;
}
}
, но при запуске я получаюследующий результат:
--- exec-maven-plugin:1.2.1:exec (default-cli) @ loaders_dna ---
oct 17, 2018 12:10:16 PM org.apache.http.impl.execchain.RetryExec execute
INFORMACIÓN: I/O exception (java.net.SocketException) caught when processing request to {tls}->https://<host>:<port>->https://<host>:<port>: Connection reset
oct 17, 2018 12:10:16 PM org.apache.http.impl.execchain.RetryExec execute
INFORMACIÓN: Retrying request to {tls}->https://<host>:<port>->https://<host>:<port>
oct 17, 2018 12:10:16 PM org.apache.http.impl.execchain.RetryExec execute
INFORMACIÓN: I/O exception (java.net.SocketException) caught when processing request to {tls}->https://<host>:<port>->https://<host>:<port>: Connection reset
oct 17, 2018 12:10:16 PM org.apache.http.impl.execchain.RetryExec execute
INFORMACIÓN: Retrying request to {tls}->https://<host>:<port>->https://<host>:<port>
oct 17, 2018 12:10:17 PM org.apache.http.impl.execchain.RetryExec execute
INFORMACIÓN: I/O exception (java.net.SocketException) caught when processing request to {tls}->https://<host>:<port>->https://<host>:<port>: Connection reset
oct 17, 2018 12:10:17 PM org.apache.http.impl.execchain.RetryExec execute
INFORMACIÓN: Retrying request to {tls}->https://<host>:<port>->https://<host>:<port>
java.net.SocketException: Connection reset
at java.net.SocketInputStream.read(SocketInputStream.java:210)
at java.net.SocketInputStream.read(SocketInputStream.java:141)
at sun.security.ssl.InputRecord.readFully(InputRecord.java:465)
at sun.security.ssl.InputRecord.read(InputRecord.java:503)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:983)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1385)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1413)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1397)
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:395)
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:354)
at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:134)
at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:353)
at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:388)
at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)
at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:184)
at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:88)
at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:184)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:107)
at com.dna.app.etl.apitobigquery.SSLCliAuthExample3.requestTimestamp(SSLCliAuthExample3.java:69)
at com.dna.app.etl.apitobigquery.SSLCliAuthExample3.main(SSLCliAuthExample3.java:52)
Знаете ли вы, что может произойти?