我试图访问一个托管在另一个域的安全网络服务,我在代理后面访问它,我设法从浏览器下载带有.pem
扩展名的证书,然后我把它转换成.crt
并使用以下命令把它导入到我的keystore
。
keytool -import -alias nhs-dos-crt -keystore "C:\Program Files\Java\jdk-15.0.1\lib\security\cacerts" -file NHS-DOS-CRT.cer
然后我从pem文件中创建了truststore
和keystore
,并将其添加到classpath中,但我仍然收到。
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
这是我所尝试的。
@Bean
RestTemplate restTemplate() throws Exception {
HttpHost proxy = new HttpHost(proxyServerHost, proxyServerPort);
CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
credentialsProvider.setCredentials(AuthScope.ANY,
new UsernamePasswordCredentials(basicAuthDosUsername, basicAuthDosPassword));
SSLContext sslContext = SSLContextBuilder.create()
.loadKeyMaterial(ResourceUtils.getFile("classpath:truststore/keystore.jks"), "changeit".toCharArray(),
"changeit".toCharArray())
.loadTrustMaterial(ResourceUtils.getFile("classpath:truststore/truststore.jks"),
"changeit".toCharArray())
.build();
// SSLConnectionSocketFactory socketFactory = new
// SSLConnectionSocketFactory(sslContext);
HttpClient httpClient = HttpClients.custom()
// .setSSLSocketFactory(socketFactory)
.setSSLContext(sslContext).setProxy(isNeedProxy ? proxy : null)
.setDefaultCredentialsProvider(credentialsProvider).build();
HttpComponentsClientHttpRequestFactory factory = new HttpComponentsClientHttpRequestFactory(httpClient);
return new RestTemplate(factory);
}
然后
@Autowired
private RestTemplate restTemplate;
ResponseEntity<String> result = restTemplate.getForEntity(callUrl, String.class);
谁能告诉我,我错过了什么或者我做错了什么?
StackOverflow:https://stackoverflow.com/questions/68185417/unable-to-call-https-service-in-spring-with-resttemplate