eclipse 使用 https 调用网络服务
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/36009451/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Use https to call a webservice
提问by Hopeful
I am currently working on a webservice that uses http! I have been asked to change (to use ) httpsinstead to call this webservice!
我目前正在开发一个使用 http 的网络服务!我被要求更改(使用)https来调用此网络服务!
I am using eclipse kepler and JBoss EAP6.1
我正在使用日食开普勒和 JBoss EAP6.1
I found in the internet that I have to create a keystoreand edit the server.xmlfile.
The thing is that i can't find the xmlfile in this JBOssversion [ i have a standalone.xmlfile is it the same ? ]
and for the generation of the keystore wheredo i have to do it ?
Thank you for you ansewers!
if I am on the wrong way, would you please re-direct me to right path ?
我在互联网上发现我必须创建一个密钥库并编辑server.xml文件。问题是我xml在这个JBOss版本中找不到文件[我有一个standalone.xml文件是一样的吗?] 对于密钥库的生成,我必须在哪里做?谢谢你的回答!如果我走错了路,请您将我重新引导到正确的道路上吗?
Thanks again !
再次感谢 !
回答by Rahul
Get the certificate of the HTTPS url. (You can do it by typing the URL in the browser and then extracting the certificate from the browser certificate installation location). After this add this certificate to the JRE of your application which is used by JBOSS server. Most probably this will be the JRE you have given in the system environment. You can google to get how to install certificate in the keystore. May be this will work.
获取HTTPS url 的证书。(您可以通过在浏览器中输入 URL,然后从浏览器证书安装位置提取证书来实现)。在此之后,将此证书添加到 JBOSS 服务器使用的应用程序的 JRE。这很可能是您在系统环境中提供的 JRE。您可以谷歌获取如何在密钥库中安装证书。可能这会起作用。
回答by Suyash
In addition to answer of @Rahul, you can import certificate (.cer) file using following command on command prompt for windows OS :
除了@Rahul 的回答之外,您还可以在 Windows 操作系统的命令提示符下使用以下命令导入证书 (.cer) 文件:
(Assuming you have set required Java paths)
(假设您已设置所需的 Java 路径)
keytool -importcert -file <path of certificate>\<YourCertificateName>.cer -keystore D:\java\jdk1.7.0_40\jre\lib\security\cacerts -alias <certificateAliasName> -storepass <Password>
usually default <password>is 'changeit'.
通常默认<password>为'changeit'。
In case webservice is used for third party client then you can use HttpClient to interact. I am not sure what kind of operation you are performing with that webservice. I assume you want to send some xml to that URL. You can refer following code :
如果 webservice 用于第三方客户端,那么您可以使用 HttpClient 进行交互。我不确定您正在使用该网络服务执行哪种操作。我假设您想向该 URL 发送一些 xml。您可以参考以下代码:
HttpPost httppost = new HttpPost(url);
CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
credentialsProvider.setCredentials(AuthScope.ANY,
new UsernamePasswordCredentials(username, password));
CloseableHttpClient client = HttpClientBuilder.create().setDefaultCredentialsProvider(credentialsProvider).build();
StringEntity entity = null;
try {
entity = new StringEntity(xmlToSend);
} catch (UnsupportedEncodingException e) {
LOG.error("Unsupported Encoding ", e);
}
entity.setContentType("text/xml");
httppost.setEntity(entity);
try{
CloseableHttpResponse response = client.execute(httppost);
returnCode = response.getStatusLine().getStatusCode();
EntityUtils.consume(entity);
LOG.debug("HttpResponse :" + EntityUtils.toString(response.getEntity()));
}catch(IOException e){
LOG.error("Error occured while sending the xml");
}
回答by Matteo Baldi
You're calling a remote webservice via https, right?
您是通过 https 调用远程网络服务,对吗?
Ok, you could import the certificate of the remote service in the keystore (plenty of guides about that, look at this other questionfor an example)
好的,您可以在密钥库中导入远程服务的证书(有关此的大量指南,请查看其他问题作为示例)
OR
或者
You can bypass the whole https certificate thing (launch this static method before the remote call):
您可以绕过整个 https 证书(在远程调用之前启动此静态方法):
/**
* Bypassing SSL certificate check
*
* @throws Exception
*/
public static void doTrustToCertificates() throws Exception {
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
TrustManager[] trustAllCerts = new TrustManager[]{
new X509TrustManager() {
@Override
public X509Certificate[] getAcceptedIssuers() {
return null;
}
@Override
public void checkServerTrusted(X509Certificate[] certs, String authType) throws CertificateException {
}
@Override
public void checkClientTrusted(X509Certificate[] certs, String authType) throws CertificateException {
}
}
};
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
HostnameVerifier hv = new HostnameVerifier() {
@Override
public boolean verify(String urlHostName, SSLSession session) {
if (!urlHostName.equalsIgnoreCase(session.getPeerHost())) {
logger.warn("Warning: URL host '" + urlHostName + "' is different to SSLSession host '" + session.getPeerHost() + "'.");
}
return true;
}
};
HttpsURLConnection.setDefaultHostnameVerifier(hv);
}
