gpt4 book ai didi

java - Java HttpClient 中的 Curl cacert 等价物

转载 作者:塔克拉玛干 更新时间:2023-11-02 19:10:17 24 4
gpt4 key购买 nike

我可以毫无问题地执行以下 curl 命令:

curl -s --cacert cert_ca.pem -X POST --data-urlencode name=abcde https://abcd.com/resource

你能帮我想出一些关于 Java 的东西来实现同样的目标吗?我看过类似的帖子,但他们谈论的是完整的 SSL 握手。在这里,我只是出示 CA 证书以使用指定的证书文件来验证对等方。

另一个问题,我的理解是否正确 --> 在这里,我只需要使用 CA 证书配置信任库来验证对等点,而不一定是任何 keystore ,因为我没有代表我出示任何证书?

谢谢

我也有 CA 证书的 jks 文件

在使用以下代码尝试 Robert 的建议时:

    SSLContext sslContext = SSLContexts.custom()                          
.loadTrustMaterial(new File("test_ca.jks")
.build();
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext);
httpClient = HttpClients.custom()
.setSSLSocketFactory(sslsf)
.build();
String openEndpoint = "URL";
HttpPost httpPost = new HttpPost(openEndpoint);
httpPost.setEntity(new UrlEncodedFormEntity(reqBodyParams));
CloseableHttpResponse httpResponse = ( CloseableHttpResponse ) httpClient.execute(httpPost);

我收到以下异常:

    javax.net.ssl.SSLException: Received fatal alert: unexpected_message
at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)
at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:2023)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1125)
at sun.security.ssl.SSLSocketImpl.waitForClose(SSLSocketImpl.java:1769)
at sun.security.ssl.HandshakeOutStream.flush(HandshakeOutStream.java:124)
at sun.security.ssl.Handshaker.sendChangeCipherSpec(Handshaker.java:1130)
at sun.security.ssl.ClientHandshaker.sendChangeCipherAndFinish(ClientHandshaker.java:1216)
at sun.security.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker.java:1128)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:348)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1026)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:961)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:396)
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:355)
at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142)
at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:359)
at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:381)
at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:237)
at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:185)
at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89)
at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:111)
at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:108)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:56)

最佳答案

您可以在构建 Apache Commons Http SSLContext 时将 Java keystore 文件指定为“信任 Material ”(信任库):

    SSLContext sslContext = SSLContexts.custom()
.loadTrustMaterial(new File("keystore.jks"), "trust-password".toCharArray()) // trust
.build();
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext);
CloseableHttpClient httpclient = HttpClients.custom().setSSLSocketFactory(sslsf).build();

关于java - Java HttpClient 中的 Curl cacert 等价物,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/46611639/

24 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com