我正在尝试通过https:https://api-sandbox.rabobank.nl/openapi/sandbox访问沙盒api,但在发送请求时出现此错误:https://pastebin.com/5X4h3wsu
我尝试将上述URL中的证书添加到jre11,jdk8,jdk7信任库,并尝试将我的项目jdk / jre切换到那些版本。错误不会改变。我也尝试将其设置为vm选项:-Dcom.sun.net.ssl.checkRevocation=false也没有运气。当我启用时:-Djavax.net.debug=ssl(使用Java 8,该选项不适用于11),我将此输出发送到控制台:https://pastebin.com/5L7Lei8J
这是我所有的代码,数量不多,因为此应用程序旨在通过最少的工作示例测试api。Application.java:
package com.thebooks;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.context.annotation.Bean;
import org.springframework.web.client.RestTemplate;
import java.io.File;
import java.security.KeyStore;
@SpringBootApplication
public class Application {
static {
System.setProperty("jdk.tls.client.protocols", "TLSv1.2");
System.setProperty("https.protocols", "TLSv1.2");
System.setProperty("javax.net.ssl.trustStore", System.getProperty("user.dir") + "/key/cert.p12");
System.setProperty("javax.net.ssl.trustStorePassword", "secret");
System.setProperty("javax.net.ssl.keyStore", System.getProperty("user.dir") + "/key/key.p12");
System.setProperty("javax.net.ssl.keyStorePassword", "secret");
javax.net.ssl.HttpsURLConnection.setDefaultHostnameVerifier(
new javax.net.ssl.HostnameVerifier() {
public boolean verify(String hostname,
javax.net.ssl.SSLSession sslSession) {
// TODO: CODE TO VERIFY Host
return true;
}
});
}
@Bean
public RestTemplate template() throws Exception {
return new RestTemplate();
}
public static void main(String[] args) {
SpringApplication.run(Application.class, args);
}
}
HttpClient.java:
package com.thebooks.httpclient;
import com.thebooks.enums.EScope;
import com.thebooks.providers.PropertyProvider;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.CommandLineRunner;
import org.springframework.http.ResponseEntity;
import org.springframework.stereotype.Component;
import org.springframework.web.client.RestTemplate;
@Component
public class HttpClient implements CommandLineRunner {
private String apiUrl = "https://api-sandbox.rabobank.nl/openapi/sandbox/";
private final RestTemplate template;
private PropertyProvider propProvider = new PropertyProvider();
private final String CLIENT_ID = propProvider.get("client.id");
public HttpClient(RestTemplate template) {
this.template = template;
}
@Override
public void run(String... args) throws Exception {
ResponseEntity<Object> response = template.getForEntity(
apiUrl + "oauth2/authorize?client_id=" + CLIENT_ID +
"&response_type=code&scope=" + EScope.AIS_BALANCES_READ.getValue(),
Object.class);
System.out.println(response.getStatusCode());
System.out.println(response.getBody());
System.out.println(response.getHeaders());
}
}
我从这个拥有我要使用的api的网站上获得了大部分代码:https://developer-sandbox.rabobank.nl/mutual-tls我很确定这与他们的证书不被我的PC /应用程序信任有关。但是就像我说的,我将他们的证书添加到了我拥有的所有3个Java版本的所有3个cacert中。
我正在尝试通过https访问沙箱api:https://api-sandbox.rabobank.nl/openapi/sandbox,但在发送请求时出现此错误:https://pastebin.com/5X4h3wsu我尝试添加证书...
我在您的日志中看到的是:
api沙箱URL具有有效的CA提供者Digicert发行的证书。但是根据spring boot starter代码,您正在使用自签名证书启动服务器。结果,在CA签名的SSL和非CA签名的证书之间进行握手时,会出现PKIK异常。