1

我正在尝试使用 HttpBuilder 将文件上传到通过 SSL 运行的 Web 服务。我是从 Gradle 构建文件中执行此操作的,但我认为这并不重要。Web 服务是 Grails 应用程序的一部分,但同样,不要认为这很重要。

当您告诉我的 grails 应用程序通过 https 运行时,我的 grails 应用程序使用 grails 生成的证书在本地通过 SSL 运行。我在本地工作的代码如下:

def http = new groovyx.net.http.HTTPBuilder( 'https://localhost:8443/' )

//=== SSL UNSECURE CERTIFICATE ===
def sslContext = SSLContext.getInstance("SSL")
sslContext.init(null, [ new X509TrustManager() {
  public X509Certificate[] getAcceptedIssuers() {null }
  public void checkClientTrusted(X509Certificate[] certs, String authType) { }
  public void checkServerTrusted(X509Certificate[] certs, String authType) { }
} ] as TrustManager[], new SecureRandom())
def sf = new SSLSocketFactory(sslContext)
def httpsScheme = new Scheme("https", sf, 8443)
http.client.connectionManager.schemeRegistry.register( httpsScheme )

http.request( groovyx.net.http.Method.POST, groovyx.net.http.ContentType.JSON ) { req ->
    uri.path = '/a/admin/runtime/upload'
    uri.query = [ username: "username", password: "password", version: version]
    requestContentType = 'multipart/form-data'
    org.apache.http.entity.mime.MultipartEntity entity = new org.apache.http.entity.mime.MultipartEntity()
    def file = new File("file.zip")
    entity.addPart("runtimeFile", new org.apache.http.entity.mime.content.ByteArrayBody(file.getBytes(), 'file.zip'))
    req.entity = entity
}

顶部的所有垃圾都是我发现的一些代码,它允许 HttpBuilder 使用自签名证书。这实际上在本地工作。HttpBuilder 文档说大多数时候,SSL 应该“正常工作”。因此,我使用合法购买的证书通过 SSL 执行此操作的代码如下:

def http = new groovyx.net.http.HTTPBuilder( 'https://www.realserver.com/' )

http.request( groovyx.net.http.Method.POST, groovyx.net.http.ContentType.JSON ) { req ->
    uri.path = '/a/admin/runtime/upload'
    uri.query = [ username: "username", password: "password" ]
    requestContentType = 'multipart/form-data'
    org.apache.http.entity.mime.MultipartEntity entity = new org.apache.http.entity.mime.MultipartEntity()
    def file = new File("file.zip")
    entity.addPart("runtimeFile", new org.apache.http.entity.mime.content.ByteArrayBody(file.getBytes(), 'file.zip'))
    req.entity = entity
}

当我运行它时,我收到以下错误:

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

任何提示或建议将不胜感激。

4

1 回答 1

0

这可能是因为该服务使用 HTTPS 的自签名证书。要与它正确交互,您应该cacerts使用keytool. 示例命令如下所示:

keytool -import -alias serviceCertificate -file ServiceSelfSignedCertificate.cer -keystore {path/to/jre/lib/security/cacerts}
于 2014-01-23T06:00:50.733 回答