1

MasterCard 使用 2-legged OAuth。准备好 OAuth 有效负载后,我将其添加到授权密钥的标题中。然后请求需要与证书一起发送。我在这一步遇到错误。

我已经根据https://developer.mastercard.com/portal/display/api/Locations+-+Sample+Code上提供的示例代码编写了我的代码

和示例密钥可在 https://developer.mastercard.com/portal/display/api/OAuth+Validation获得,

我生成 SSL 证书的步骤:

1. Open the Firefox browser and enter the URL : https://sandbox.api.mastercard.com
2. Click on the lock icon on the bottom of the browser.
3. Click on View Certificate 
4. Click on the Details tab
5. Under "Certificate Hierarchy", click on the issuing CA (beside the arrow)
6. Click on Export..
7. Save the .PEM file (suppose with "openapi-sandbox.pem").
8. Then using Java's keytool, Load this into a JKS keystore using a command like this:

keytool -import -alias openapi-samplecode-ssl-cert -file openapi-sandbox.pem -keystore openapi-samplecode.jks

准备请求的代码

  URL url = new URL(httpsURL);
  con = (HttpsURLConnection) url.openConnection();
  con.setRequestMethod(method);
  con.setSSLSocketFactory(getSocketFactory());
  con.setDoOutput(true);
  con.setDoInput(true);
  con.addRequestProperty("Authorization", buildAuthHeaderString(params));

以及处理证书文件的功能

  private SSLSocketFactory getSocketFactory() 
  {
    KeyStore ks = KeyStore.getInstance("JKS");
    // get user password and file input stream
    char[] password = "prince".toCharArray();
    ClassLoader cl = this.getClass().getClassLoader();
    String location =  "D:\\DEV_HOME\\openapi-samplecode6.jks";
  //  String location =  "openapi-samplecode1.jks";
    System.out.println("location =" + location );
    InputStream stream = cl.getResourceAsStream(location);
    ks.load(stream, password);
   // stream.close();

    SSLContext sc = SSLContext.getInstance("TLS");
    KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
    TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");

    kmf.init(ks, password);
    tmf.init(ks);

    sc.init(kmf.getKeyManagers(), tmf.getTrustManagers(),null);

    return sc.getSocketFactory();
  }

在此先感谢您的时间。:)

错误信息

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: 在 sun.security.ssl.SSLSocketImpl.fatal(Unknown Source) 在 sun.security.ssl.Alerts.getSSLException(Unknown Source) 在 sun 上找不到受信任的证书.security.ssl.Handshaker.fatalSE(Unknown Source) at sun.security.ssl.Handshaker.fatalSE(Unknown Source) at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source) at sun.security.ssl.ClientHandshaker.processMessage (未知来源)sun.security.ssl.Handshaker.processLoop(未知来源)sun.security.ssl.Handshaker.process_record(未知来源)sun.security.ssl.SSLSocketImpl.readRecord(未知来源)sun.security .ssl.SSLSocketImpl.performInitialHandshake(未知来源)在 sun.security.ssl.SSLSocketImpl。sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source) at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source) at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection 的 startHandshake(Unknown Source)。 connect(Unknown Source) at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(Unknown Source) at mypack.MasterCardDemo.createOpenAPIConnection(MasterCardDemo.java:183) at mypack.MasterCardDemo.main(MasterCardDemo.java:64)由:sun.security.validator.ValidatorException:在 sun.security.validator.SimpleValidator.engineValidate(Unknown Source) 在 sun.security.validator.Validator 的 sun.security.validator.SimpleValidator.buildTrustedChain(Unknown Source) 找不到受信任的证书sun.security.ssl 上的 .validate(Unknown Source)。Sun.security.ssl.X509TrustManagerImpl.validate(Unknown Source) 在 sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source) X509TrustManagerImpl.checkServerTrusted(Unknown Source)

4

1 回答 1

0

这确实是一个 SSL 问题,与 MasterCard 的 OAuth 关系不大。您需要说服 Java 信任https://api.mastercard.com上的 SSL 证书。您将 OAuth 证书放在信任库中,而不是 MasterCard 证书中。比将密钥放在信任库中更好的解决方案是信任根 CA。在 Java 中,您可以通过使用默认套接字因子来做到这一点。替换此代码:

con.setSSLSocketFactory(getSocketFactory());

有了这个:

con.setSSLSocketFactory((SSLSocketFactory)SSLSocketFactory.getDefault());
于 2014-08-13T15:09:20.967 回答