JAVA - Simple GET request, using SSL certificate and HTTPS
Solution 1
I finally found a good solution (without creating custom SSL context):
String getHttpResponseWithSSL(String url) throws Exception {
//default truststore parameters
System.setProperty("javax.net.ssl.trustStore", "/usr/lib/jvm/java-6-openjdk/jre/lib/securitycacerts");
System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
System.setProperty("javax.net.ssl.trustStoreType", "JKS");
//my certificate and password
System.setProperty("javax.net.ssl.keyStore", "mycert.pfx");
System.setProperty("javax.net.ssl.keyStorePassword", "mypass");
System.setProperty("javax.net.ssl.keyStoreType", "PKCS12");
HttpClient httpclient = new HttpClient();
GetMethod method = new GetMethod();
method.setPath(url);
int statusCode = httpclient.executeMethod(method);
System.out.println("Status: " + statusCode);
method.releaseConnection();
return method.getResponseBodyAsString();
}
Solution 2
This question should have your answer:
HTTPClient-1.4.2: Explanation needed for Custom SSL Context Example
You need to use httpclient to create the request and then use a key manager.
dstronczak
Passionate developer. Scrum master and Agile Evangelist.
Updated on January 16, 2020Comments
-
dstronczak over 4 years
I have a file with the '.pfx' extension and a password to this certificate.
What I need to do is to send a simple GET request to a webservice and read the response body.
I need to implement a method similar to this:
String getHttpResponse(String url, String certificateFile, String passwordToCertificate){ ... }
I also tried converting the certificate to a format "with no password" using openssl:
Convert a PKCS#12 file (.pfx .p12) containing a private key and certificates to PEM: openssl pkcs12 -in keyStore.pfx -out keyStore.pem -nodes
So the alternate implementaion of the my method could be:
String getHttpResponse(String url, String certificateFile){ ... }
I would really appreciate your help, I spent half a day googling for it, but I haven't found an example that would help me, it seems I have problems with undestanding some basic assumptions around SSL and stuff.
-
dstronczak almost 12 yearsI tried doing it this way, however I am not sure what file should I use as the "trustStore"...
-
plasma147 almost 12 yearsAccording to [this] (docs.oracle.com/javase/6/docs/api/java/security/…) it can be null to create an empty keystore.
-
dstronczak almost 12 yearsThis is good in my case. However - what if I needed to change the settings in the runtime? Do you think setting System.setProperty again would be very wrong?
-
Bruno almost 12 yearsIt's not that it would be "wrong", but more likely that it wouldn't work.