Geek Answers Handbook

How to make HTTPS GET call with certificate in java

How can I make a GET call using Rest-Assured in java to an endpoint requiring a certificate. I have a certificate as .pem . The PEM file has a certificate and a private key.

+6
source share
6 answers

Got a job with the following code -

 KeyStore keyStore = null; SSLConfig config = null; try { keyStore = KeyStore.getInstance("PKCS12"); keyStore.load( new FileInputStream("certs/client_cert_and_private.p12"), password.toCharArray()); } catch (Exception ex) { System.out.println("Error while loading keystore >>>>>>>>>"); ex.printStackTrace(); } if (keyStore != null) { org.apache.http.conn.ssl.SSLSocketFactory clientAuthFactory = new org.apache.http.conn.ssl.SSLSocketFactory(keyStore, password); // set the config in rest assured config = new SSLConfig().with().sslSocketFactory(clientAuthFactory).and().allowAllHostnames(); RestAssured.config = RestAssured.config().sslConfig(config); RestAssured.given().when().get("/path").then();
+6
source

In my case, using "relaxed HTTP validation" fixed my problem:

 given().relaxedHTTPSValidation().when().post("https://my_server.com")
+2
source

I am new to calm down, but I know such problems using digital certificates to authenticate clients.

In a document with guaranteed access, only the certificate configuration option is: JKS

 RestAssured.config = RestAssured.newConfig().sslConfig(new SSLConfig("/truststore_javanet.jks", "test1234");

Convert PEM to JKS. Open it with portecle and make sure that the password is right and you have uploaded the certificate and the entire certification chain to the CA root directory. Portecle makes it easy to use the command line with a graphical user interface, and also allows you to create JKS

 http://portecle.sourceforge.net/

This error ALWAYS occurs when your java client does not trust the server certificate

  PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

The easiest way to fix this is to include the server certificate chain in the jdk key store.

First, download server certificates by opening an https connection with your browser, for example, using chrome. It doesn't matter that it fails. Click the green lock on the toolbar> Details> View the server certificate and upload it as PEM. It is best to download it yourself to make sure that you are using the correct one. Download all certification chain certificates enter image description here

Then open jdk cacerts in JDK_HOME / jre / lib / security with portecle. The password will be "changeit". Add server certificates as trusted

Now the failed PKIX path build will disappear. If not, check the certificates and JDK you are using

+1
source

The code below works,

 public static void getArtifactsHttps(String args) { String username = "username"; String password1 = "password"; StringBuilder authorization = new StringBuilder(); authorization.append(username).append(":").append(password); String authHeader = "Basic " + Base64.getEncoder().encodeToString(authorization.toString().getBytes()); String response = RestAssured .given() .trustStore("D:\\workspace\\DemoTrust.jks", "DemoTrustKeyStorePassPhrase") .when() .contentType(MediaType.APPLICATION_JSON) .accept(MediaType.APPLICATION_JSON) .header("Authorization", authHeader) .baseUri("https://server.us.oracle.com:55898") .queryParam("name", args) .get("/validendpoint").prettyPrint(); System.out.println("RESPONSE" + response); }
0
source

Using RestAssured 3.0, I took the code @ rohitkadam19 and got it like this:

 @Before public void setUp() throws Exception { try { RestAssured.port = port; RestAssured.useRelaxedHTTPSValidation(); RestAssured.config().getSSLConfig().with().keyStore("classpath:keystore.p12", "password"); } catch (Exception ex) { System.out.println("Error while loading keystore >>>>>>>>>"); ex.printStackTrace(); } }
0
source

Please use the latest version 3.0.7, as in previous versions, which were satisfied with many problems when you tested services with certificates

0
source

More articles:


All Articles