我正在尝试使用Scala Play框架来调用HTTPS web api,这需要我发送特定的客户端证书 . 我设置了以下JVM参数:
-
-Djavax.net.ssl.trustStore = t:/certs/mine/testtest.ts
-
-Djavax.net.ssl.trustStorePassword = testtest
-
-Djavax.net.ssl.keyStore = t:/certs/mine/keystore.keystore
-
-Djavax.net.ssl.keyStorePassword = testtest
信任库正在运行,但密钥库中的证书不是 . 密钥库是从证书私钥创建的 . 调查密钥库会显示相应的证书,并且类型为“PrivateKeyEntry” .
这是我的测试代码:
import scala.concurrent.ExecutionContext.Implicits._
private val urlLht = <url>
def main(args: Array[String]): Unit = {
implicit val system = ActorSystem()
implicit val materializer = ActorMaterializer()
val wsClient = AhcWSClient()
call(wsClient)
.andThen { case _ => wsClient.close() }
.andThen { case _ => system.terminate() }
}
def call(wsClient: WSClient): Future[Unit] = {
val requestFuture = wsClient.url(urlLht).get
requestFuture.recover { case NonFatal(t) => t.printStackTrace; throw t }.map { response =>
val statusText: String = response.statusText
println(s"Got a response $statusText")
}
}
这是错误:
java.net.ConnectException: Received fatal alert: bad_certificate
但是,使用openssl一切正常 . 像这样:
openssl s_client -showcerts -connect <host> -CAfile <cafile> <clientcertificate>