Use restful to request HTTPS identity does not pass, unable to find valid certification path to requested target, using Java to generate signing certificate

Source: Internet
Author: User
Tags md5 sha1
authentication failed with spring's restoperations (top-level Class), Resttemplate send restful request HTTPS (SSL)Because we are requesting the HTTPS format, the server side is required to have your signed certificate
The first workaround, using Installcert.java file generation
* * Copyright 2006 Sun Microsystems, Inc.
 All Rights Reserved. * Redistribution and use in source and binary forms, with or without * modification, are permitted provided the F ollowing conditions * are met: * Redistributions of source code must retain the above copyright * Notice, TH
 is list of conditions and the following disclaimer. * *-redistributions in binary form must reproduce the above copyright * Notice, this list of conditions and the
 Following disclaimer in the * documentation and/or other materials provided with the distribution. * *-Neither the name of the Sun Microsystems nor the names of its * contributors may is used to endorse or promote p
 Roducts derived * from this software without specific prior written.  * This SOFTWARE are provided by the COPYRIGHT holders and CONTRIBUTORS "as *" and any EXPRESS OR implied warranties, Including, BUT not LIMITED to, * The implied warranties of merchantability aD FITNESS for A particular * purpose ARE disclaimed. In NO EVENT SHALL the COPYRIGHT OWNER OR * CONTRIBUTORS is liable for any DIRECT, INDIRECT, Incidental, SPECIAL, * exemp Lary, or consequential damages (including, BUT not LIMITED to, * procurement of substitute goods OR SERVICES; LOSS of Use, DATA, OR * profits;  OR BUSINESS interruption) HOWEVER caused and on no theory of * liability, WHETHER in CONTRACT, STRICT liability, or TORT (including * negligence OR otherwise)
 Arising in no WAY out of the use of this * SOFTWARE, even IF advised of the possibility of SUCH DAMAGE.
* * Import java.io.*;

Import Java.net.URL;
Import java.security.*;

Import java.security.cert.*;

Import javax.net.ssl.*;
    public class Installcert {public static void main (string[] args) throws Exception {String host;
    int port;
    Char[] Passphrase; if ((args.length = 1) | | (Args.length = 2))
        {string[] c = Args[0].split (":");
        host = C[0]; Port = (C.length = =1)?
        443:integer.parseint (c[1]); String p = (args.length = 1)?
        "Changeit": args[1];
    Passphrase = P.tochararray ();
        else {System.out.println ("Usage:java installcert  

Save as Installcert.java, compile Installcert, run Java installcert host:port example Java installcert www.baidu.com default will go from 443 ports under the certificate, If we do not succeed, we need to develop our own Java Installcert domain name: The port appears enter certificate to add to trusted KeyStore or ' Q ' to quit: [1] Input 1 generates a Jssecacerts This is what you call a certificate, you need to note that several parameters will print out subject and issuer and added certificate to KeyStore ' Jssecacerts ' using alias ' alias (name) ' most important second resolution
Keytool-genkeypair-alias ' server '-keyalg ' RSA '-keystore ' jssecacerts.keystore '
He needs you to fill out A series of Things
Features:
Create a certificate that is alias server, which is stored in a keystore named Test.keystore and created if the Jssecacerts.keystore KeyStore does not exist.
Parameter Description:
Genkeypair: Generates a pair of asymmetric keys;-alias: Specifies the alias of the key pair, which is exposed;-KEYALG: Specifies the cryptographic algorithm, in this case, the common RAS encryption algorithm;-keystore: The path and name of the KeyStore, If not specified, by default, the password for a ". KeyStore" file in the operating system's user directory must be at least 6 characters, can be a pure number or a combination of letters or numbers and letters, and so on, you specify "first and last name" should be the input domain name, not our personal name, Other can not fill out the
Here is the subject printed after the two methods one of the above we generated a secret key

Next to the operation of the certificate Keytool-list-keystore jssecacerts view the card inside the KeyStore, no accident will have a lot of certificates fingerprint Keytool-list-keystore Jssecacerts | grep/i ***alias (NAME) * * * Find our own Keytool-export-alias ***alias (name) * * * *-file Server.crt-keystore will be generated in the current directory Jssecacerts ER.CRT Import to the JAVA Authentication folder keytool-import-file server.cer-keystore "%java_home%\jre\lib\security\cacerts"-alias Server You can see the results using the following command:
Keytool-list-keystore "%java_home%\jre\lib\security\cacerts" | grep Server

Here, signing the certificate is complete, you can use restful to request HTTPS service,

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.