如何为2路TLS正确创建SSLSocketFactory? (对于ApplePay)

问题描述 投票:0回答:1

我正在尝试向ApplePay发出请求,但无法使用Java进行。

这里是卷曲请求:

$ curl -X POST --cert-type P12 --cert cert.p12 https://apple-pay-gateway-pr-pod1.apple.com/paymentservices/startSession -d '{}'
{
  "statusMessage": "Payment Services Exception Invalid session request",
  "statusCode": "400"
}

在一定程度上可以与苹果服务器进行通信。

这是我的代码,用于生成新的Feign客户端SSLContextFactory(用Kotlin编写:]]

   @Bean
    fun client(): Client { // a Feign Client
        val keystoreFile = File("/path/to/cert.p12")

        val keyStore = KeyStore.getInstance("PKCS12")
        keyStore.load(keystoreFile.inputStream(), null)
        val keyFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyFactory.init(keyStore, null)
        val trustManagerFactory = TrustManagerFactory.getInstance(
            TrustManagerFactory.getDefaultAlgorithm()
        )
        trustManagerFactory.init(keyStore)
        val trustManagers = trustManagerFactory.trustManagers
        val trustManager = trustManagers[0] as X509TrustManager
        val sslContext: SSLContext = SSLContext.getInstance("TLS")
        sslContext.init(keyFactory.keyManagers, trustManagers, null)

        return feign.okhttp.OkHttpClient(
            FeignConfiguration.enrichOkHttpClientBuilder(logbook)
                .sslSocketFactory(sslContext.socketFactory, trustManager)
                .connectionSpecs(
                    arrayListOf(
                        ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS)
                            .tlsVersions(TlsVersion.TLS_1_2)
                            .cipherSuites(
                                CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
                                , CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
                                , CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
                                , CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
                                , CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
                                , CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256
                                , CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256
                            )
                            .build()
                    )
                )
            .build()
        )
    }

但是当我尝试向同一URL发出请求时,出现以下错误:
feign.RetryableException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty executing POST https://apple-pay-gateway-pr-pod1.apple.com/paymentservices/startSession/paymentSession


有人知道我可能做错了什么吗?

我正在尝试向ApplePay发出请求,但无法使用Java进行请求。这是curl请求:$ curl -X POST --cert-type P12 --cert cert.p12 https://apple-pay-gateway-pr-pod1.apple.com / ...

java spring ssl kotlin applepay
1个回答
0
投票
我的技术负责人能够帮助解决此问题,但是@ dave_thompson_085的回答也应该有所帮助。

因此,我基本上将伪装客户的东西替换为:

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.