How to use Play WS with SSL?

My Java client application must make REST calls. I was instructed to use the implementation of Play WS. I currently have this:

    AsyncHttpClientConfig.Builder builder = new com.ning.http.client.AsyncHttpClientConfig.Builder();
    NingWSClient wsc = new play.libs.ws.ning.NingWSClient(builder.build());
    WSRequestHolder holder = wsc.url("http://www.simpleweb.org/");

It works. However, my application needs to access a secure web service that uses SSL. I have a PKCS12 certificate for my client. How can I get WS to use this certificate to establish a secure connection?

To be clear, this is not a Play application.

+4
3 answers

Impossible directly with WS. “Listen to documents”: “WS does not support client certificates (as well as mutual authentication TLS / MTLS / client). You must install SSLContext directly in the AsyncHttpClientConfig instance and configure the corresponding KeyStore and TrustStore.”

You could do something like this, perhaps:

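    import com.ning.http.client.AsyncHttpClient;
    import com.ning.http.client.AsyncHttpClientConfig;
    import java.io.FileInputStream;
    import java.io.InputStream;
    import java.security.KeyStore;
    import java.security.SecureRandom;
    import javax.net.ssl.KeyManagerFactory;
    import javax.net.ssl.SSLContext;

    // KeyStore.load and KeyManagerFactory.init take the password as char[]
    char[] password = "YOUR_PASSWORD".toCharArray();

    KeyManagerFactory keyManagerFactory =
        KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
    KeyStore keyStore = KeyStore.getInstance("pkcs12");
    try (InputStream inputStream = new FileInputStream("YOUR.p12")) {
        keyStore.load(inputStream, password);
    }
    keyManagerFactory.init(keyStore, password);

    SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
    // null trust managers: the JVM default trust store validates the server
    sslContext.init(keyManagerFactory.getKeyManagers(), null, new SecureRandom());

    AsyncHttpClientConfig httpClientConfig =
        new AsyncHttpClientConfig.Builder().setSSLContext(sslContext).build();
    AsyncHttpClient httpClient = new AsyncHttpClient(httpClientConfig);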
+1
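
Added example, not part of the answer above or of Play's own code: the quoted documentation asks for both a KeyStore and a TrustStore, so this JDK-only helper builds an SSLContext with an explicit trust store and rejects a PKCS12 file that holds no private key. The class and method names are hypothetical and the trust store is assumed to be in JKS format; the returned context goes into `setSSLContext(...)` as in the answer.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.util.Collections;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

public class ClientCertContext {  // hypothetical helper name
    // Load a key store from disk; the stream is closed even if load() throws.
    static KeyStore load(String type, String path, char[] password) throws Exception {
        KeyStore ks = KeyStore.getInstance(type);
        try (InputStream in = new FileInputStream(path)) {
            ks.load(in, password);
        }
        return ks;
    }

    // Present the PKCS12 client certificate and trust only the CAs in
    // trustStorePath (assumed JKS); null falls back to the JVM default store.
    static SSLContext build(String p12Path, char[] p12Password,
                            String trustStorePath, char[] trustPassword) throws Exception {
        KeyStore keyStore = load("PKCS12", p12Path, p12Password);

        // A .p12 holding only certificates loads without error but leaves the
        // client with nothing to present, so fail here, not at the handshake.
        boolean hasKey = false;
        for (String alias : Collections.list(keyStore.aliases())) {
            hasKey |= keyStore.isKeyEntry(alias);
        }
        if (!hasKey) {
            throw new GeneralSecurityException("no private key entry in " + p12Path);
        }
        KeyManagerFactory kmf =
            KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(keyStore, p12Password);

        // init((KeyStore) null) selects the JVM default trust store (cacerts).
        KeyStore trustStore =
            trustStorePath == null ? null : load("JKS", trustStorePath, trustPassword);
        TrustManagerFactory tmf =
            TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trustStore);

        SSLContext ctx = SSLContext.getInstance("TLSv1.2");
        ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
        return ctx;
    }
}
```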

You want to use the parser. See https://www.playframework.com/documentation/2.3.x/KeyStores for more configuration details.

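    import com.ning.http.client.AsyncHttpClientConfig
    import com.typesafe.config.ConfigFactory
    import play.api.libs.ws.DefaultWSClientConfig
    import play.api.libs.ws.ning.NingAsyncHttpClientConfigBuilder
    import play.api.libs.ws.ssl.DefaultSSLConfigParser

    val config = play.api.Configuration(ConfigFactory.parseString("""
      |trustManager = {
      |  stores = [
      |    { type: "pkcs12", path: "/path/to/pkcs12/file", password: "foo" }
      |  ]
      |}
    """.stripMargin))

    // Parse the SSL settings and build the Ning client configuration from them
    val parser = new DefaultSSLConfigParser(config, app.classloader)
    val sslConfig = parser.parse()
    val clientConfig = new DefaultWSClientConfig(sslConfig = sslConfig)
    val secureDefaults = new NingAsyncHttpClientConfigBuilder(clientConfig).build()
    val builder = new AsyncHttpClientConfig.Builder(secureDefaults)
    val wsc = new play.libs.ws.ning.NingWSClient(builder.build())
    val holder = wsc.url("http://www.simpleweb.org/")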
0
  1. Make sure you add your certificate to your trust store, for example:

    keytool -import -trustcacerts -keystore {JAVA_HOME}/jre/lib/security/cacerts -noprompt -alias {ALIAS} -file {CORRECT_PATH}/what_ever.crt

  2. If the problem still exists, set the path directly by setting the java options on the run command line as follows:

    -Djavax.net.ssl.trustStore={JAVA_HOME}/jre/lib/security/cacerts

0