Java – how to use a custom sslcontextfactory in a restlet application running on jetty?

Java

I'm trying to use restlet's clientresource to connect HTTPS to a server using a self signed certificate I use an independent application and only use clientresource. My custom sslcontextfactory is added as an attribute. The code can be seen here:

https://github.com/pixelatedpete/selfsignedexample

When I use the same classes (dynamictrustmanager and selfsignsslslsocketfactory) in more complex restlet applications (with the same POM as above), using the rest API provided by restlet through jetty, my custom sslcontextfactory is no longer used

I added it to the clientresource context, but I never saw any log messages indicating that the sslcontextfactory provided to the clientresource was passed to the underlying httpclient

If I directly use httpclient instead of clientresource to rewrite:

HttpPost post = new HttpPost(cr.getReference().toString());
CertificateFactory cf = CertificateFactory.getInstance("X.509");
X509Certificate cert = (X509Certificate) cf.generateCertificate(...);
DynamicTrustManager tm = new DynamicTrustManager(...,cert);
SelfSignTrustSslContextFactory scf = (SelfSignTrustSslContextFactory) 
CloseableHttpClient httpclient = HttpClients.custom().setSslcontext(scf.createSslContext()).build();
CloseableHttpResponse response = httpclient.execute(post);

Things worked again

Is this something that anyone else has encountered that I suspect is a very obvious thing? What did I miss?

Niobium Try again with Tomcat and get the same question

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building Failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

We also tried to inject sslcontextfactory (we use Guice here), but it didn't help

Solution

OK, so I finally figured it out – I missed the client bit:

Client client = new Client(crCtx,Protocol.HTTPS);
ClientResource clientResource = new ClientResource("https://example.com");
clientResource.setNext(client);
The content of this article comes from the network collection of netizens. It is used as a learning reference. The copyright belongs to the original author.
THE END
分享
二维码
< <上一篇
下一篇>>