如何在 Rest-Assured java 中使用证书进行 HTTPS GET 调用
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/36352033/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How to make HTTPS GET call with certificate in Rest-Assured java
提问by rohitkadam19
How can I make a GET call using Rest-Assuredin java to a endpoint which requires certificate. I have certificate as .pemformat. In PEM file there is certificate and private key.
如何使用Java 中的Rest-Assured对需要证书的端点进行 GET 调用。我有证书作为.pem格式。在 PEM 文件中有证书和私钥。
采纳答案by rohitkadam19
Got it working with following code -
使用以下代码进行操作 -
KeyStore keyStore = null;
SSLConfig config = null;
try {
keyStore = KeyStore.getInstance("PKCS12");
keyStore.load(
new FileInputStream("certs/client_cert_and_private.p12"),
password.toCharArray());
} catch (Exception ex) {
System.out.println("Error while loading keystore >>>>>>>>>");
ex.printStackTrace();
}
if (keyStore != null) {
org.apache.http.conn.ssl.SSLSocketFactory clientAuthFactory = new org.apache.http.conn.ssl.SSLSocketFactory(keyStore, password);
// set the config in rest assured
config = new SSLConfig().with().sslSocketFactory(clientAuthFactory).and().allowAllHostnames();
RestAssured.config = RestAssured.config().sslConfig(config);
RestAssured.given().when().get("/path").then();
回答by pedrofb
I am new to rest-assured but I know this kind of problems using digital certificates for client authentication
我是放心的新手,但我知道使用数字证书进行客户端身份验证的此类问题
In rest-assured doc is only an option to configure certificate: JKS
在放心的文档中只是配置证书的一个选项:JKS
RestAssured.config = RestAssured.newConfig().sslConfig(new SSLConfig("/truststore_javanet.jks", "test1234");
Convert your PEM to JKS. Open it with portecle and ensure that the password is right and you have the certificate loaded and all the certification chain to CA root. Portecle simplify the command-line using a GUI and also allows you to create the JKS
将您的 PEM 转换为 JKS。使用 portecle 打开它并确保密码正确并且您已加载证书以及所有证书链到 CA 根。Portecle 使用 GUI 简化了命令行,还允许您创建 JKS
http://portecle.sourceforge.net/
This error occurs ALWAYS when your java client do not trust in server certificate
当您的 Java 客户端不信任服务器证书时,总是会发生此错误
PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
The easiest way to fix this is include the server certificate chain in your jdk keystore.
解决此问题的最简单方法是在 jdk 密钥库中包含服务器证书链。
First, download the server certificates opening an https connection with your browser, for example with chrome. It does not matter it fails. Click on the green lock in the toolbar>Detail>See server certicate and download as PEM. It is best to download it yourself to make sure you are using the correct. Download all certificates of certification chain
首先,下载服务器证书,打开与浏览器的 https 连接,例如使用 chrome。失败也没关系。单击工具栏中的绿色锁>详细信息>查看服务器证书并下载为 PEM。最好自己下载,以确保您使用的是正确的。下载所有认证链证书
Then, open jdk cacerts at JDK_HOME/jre/lib/security with portecle. Password will be 'changeit'. Add the server certificates as 'trusted'
然后,使用 portecle 在 JDK_HOME/jre/lib/security 中打开 jdk cacerts。密码将是“changeit”。将服务器证书添加为“受信任”
Now, PKIX path building failed will dissapear. If not, check the certificates and the JDK you are using
现在,PKIX 路径构建失败将消失。如果没有,请检查您使用的证书和 JDK
回答by forkdbloke
The code mentioned below just works,
下面提到的代码只是有效,
public static void getArtifactsHttps(String args) {
String username = "username";
String password1 = "password";
StringBuilder authorization = new StringBuilder();
authorization.append(username).append(":").append(password);
String authHeader = "Basic " + Base64.getEncoder().encodeToString(authorization.toString().getBytes());
String response = RestAssured
.given()
.trustStore("D:\workspace\DemoTrust.jks", "DemoTrustKeyStorePassPhrase")
.when()
.contentType(MediaType.APPLICATION_JSON)
.accept(MediaType.APPLICATION_JSON)
.header("Authorization", authHeader)
.baseUri("https://server.us.oracle.com:55898")
.queryParam("name", args)
.get("/validendpoint").prettyPrint();
System.out.println("RESPONSE" + response);
}
回答by Saeed Zarinfam
In my case using "relaxed HTTPs validation" fixed my problem:
在我的情况下,使用“宽松的 HTTPs 验证”解决了我的问题:
given().relaxedHTTPSValidation().when().post("https://my_server.com")
回答by Jacques Koorts
Using RestAssured 3.0 I took @rohitkadam19's code and got it working so:
使用 RestAssured 3.0,我使用了 @rohitkadam19 的代码并使其正常工作:
@Before
public void setUp() throws Exception {
try {
RestAssured.port = port;
RestAssured.useRelaxedHTTPSValidation();
RestAssured.config().getSSLConfig().with().keyStore("classpath:keystore.p12", "password");
} catch (Exception ex) {
System.out.println("Error while loading keystore >>>>>>>>>");
ex.printStackTrace();
}
}
回答by JCollerton
The method using org.apache.http.conn.ssl.SSLSocketFactoryis now deprecated. If you are using the latest version of RestAssuredfrom iothen the best method is to set your authentication using:
使用的方法org.apache.http.conn.ssl.SSLSocketFactory现已弃用。如果您使用的是RestAssuredfrom的最新版本,io那么最好的方法是使用以下方法设置您的身份验证:
RestAssured.authentication =
RestAssured.certificate(
"/path/to/truststore",
"trust store password",
"/path/to/p12",
"p12 password",
CertificateAuthSettings.certAuthSettings());
Note, CertificateAuthSettings.certAuthSettings()uses default KeyStoresettings, so be aware of this.
请注意,CertificateAuthSettings.certAuthSettings()使用默认KeyStore设置,因此请注意这一点。
