Answer the question
In order to leave comments, you need to log in
A
A
Andrey Osty2012-03-05 15:00:34
Andrey Osty, 2012-03-05 15:00:34
Rapida payment system. How to put certificates in java?
There is a Certificate.key (RSA) file, there is a Certificate.cer file received from Rapida, there is a legacy software. How to teach Java to use a certificate?
I have two files *.cer (clientCert) and *.key (
privateKey
)
PEMReader r2 = new PEMReader(new StringReader(data.paramNamed("clientCert")));
And then I hung completely :(
How *.key to *.pem and *.cer to *.pem to implement Otherwise,
Java is hooting the following errors
INFO 05.03.12 12:04:38.053 [Thread-5] Http GET request (timeout: 0 ms) on gate.rapida.ru/gate?function=getbalance&PaymExtId=...
headers:
status: null
ERROR 3/5/12 12:04:38.291 [Thread-5] Updating balance of ProcessingData(id: 1180;type: 175) failed
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun .security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
at com.sun.net.ssl. internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1611)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:187)
at com.sun.net.ssl.internal.ssl. Handshaker.fatalSE(Handshaker.java:181)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1035)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:124)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516)
at com.sun .net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884)
at com.sun.net.ssl .internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1112)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:623)
at com.sun.net.ssl.internal.ssl .AppOutputStream.write(AppOutputStream.java:59)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
at org.apache.commons.httpclient.HttpConnection.flushRequestOutputStream(
HttpConnection.java:828
)
.writeRequest(HttpMethodBase.java:2116)
at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)
at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
at org. apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)
at fs.core.tools.InternetProvider.executeWithClientCert(InternetProvider.java:181)
at fs.plugins.rapida.RapidaGateway.sendMessage(RapidaGateway.java :189)
at fs.plugins.rapida.RapidaBalanceRequest.execute(RapidaBalanceRequest.java:15)
at fs.core.domain.ProcessingData.updateBalance(ProcessingData.java:261)
at fs.offline.balances.GatewayBalanceUpdater.body(GatewayBalanceUpdater. java:100)
at fs.core.services.Service.run(Service.java:196)
at java.lang.Thread.run(Thread.java:619)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java: 285)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:191)
at sun.security.validator.Validator.validate(Validator.java:218)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl .validate(X509TrustManagerImpl.java:126)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl .java:249)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1014)
… 24 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun .security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:280 )
… 30 more
4 answer(s)
@relgames
@TzX
@jkotkot
R
relgames, 2012-03-05 @relgames
You need to add .cer files to the system keystore.
No idea where the files are in Rapida, that's up to you to figure out.
Or you can add to the JRE root store (keytool -import -trustcacerts -file Certificate.cer -alias RAPIDA -keystore $JAVA_HOME/jre/lib/security/cacerts)
Default password changeme
T
TzX, 2013-11-13 @TzX
Rapida's website has an example of how to connect to their server from Java. Everything started without problems. The tests have passed.
N
Nikita, 2014-12-13 @jkotkot
The option to add to jre is not very good, as it will require patching every time after the update. Plus, the certificate will go bad sooner or later, and you will have other errors, so it's better to keep track of the date programmatically.
You can view and download the certificate manually (for example, through a browser), and then dynamically load it every time the application starts.
I solved a similar problem here for a client. Decided to update to the latest version in the branch. There were the necessary root certificates. What version of JDK do you have?
Similar questions
B
V
V
A
arsden22017-08-02 11:32:55
How to implement automatic authorization in an android application?
0Reply
A
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question