Sunday, 23 September 2018

Rest Endpoint Invocation over SSL (HTTPS) - Using Spring RestTemplate , Certificate Keystore , SSLContext , SocketFactory JKS


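Main class that invokes a REST endpoint at any URL over HTTPS.
Prerequisite: make sure the certificate is imported into a new JKS keystore.
The certificate should also be added to the cacerts truststore of your JDK. In the code below, the JKS file is loaded as key material (the client's own key entries), while the server's certificate chain is still validated against the JDK's default truststore.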
       

import java.io.File;
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;

import javax.net.ssl.SSLContext;

import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLContexts;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.springframework.http.ResponseEntity;
import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
import org.springframework.web.client.RestTemplate;

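/**
 * Invokes a REST endpoint over SSL (HTTPS) using a Spring {@code RestTemplate}
 * backed by an Apache {@code CloseableHttpClient} whose {@code SSLContext} is
 * built from a JKS keystore.
 *
 * <p>The keystore is loaded as <em>key material</em> only, i.e. the entries the
 * client presents to the server. No trust material and no custom hostname
 * verifier are configured, so server certificate validation and hostname
 * verification stay on the JVM / HttpClient defaults.
 *
 * @author Sanal
 */
public class RestInvoker {

    // RestTemplate has its own encoding mechanism - so do not pass pre-encoded URLs.
    static String restURL = "https://google.com";

    /**
     * Builds the SSL-enabled client, performs a GET against {@link #restURL}
     * and prints the status code and body.
     *
     * @param args unused
     */
    public static void main(String[] args) {
        System.out.println("Invoking Rest Client");

        SSLConnectionSocketFactory csf;
        try {
            csf = new SSLConnectionSocketFactory(SSLFactory.getSSLContext());
        } catch (Exception e) {
            System.out.println("Rest Invocation failed " + e);
            e.printStackTrace(System.out);
            return;
        }

        // try-with-resources: the pooled connections held by the client are
        // released even when the request fails.
        try (CloseableHttpClient httpClient = HttpClients.custom().setSSLSocketFactory(csf).build()) {
            HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory();
            requestFactory.setHttpClient(httpClient);

            RestTemplate restTemplate = new RestTemplate();
            restTemplate.setRequestFactory(requestFactory);

            System.out.println("INVOKING " + restURL);

            ResponseEntity<String> response = restTemplate.getForEntity(restURL, String.class);
            System.out.println("Response Status Code  " + response.getStatusCodeValue());
            System.out.println("Response Body  " + response.getBody());
        } catch (Exception e) {
            // Concatenating e.getStackTrace() only prints the array's identity;
            // print the exception itself and its full trace instead.
            System.out.println("Rest Invocation failed " + e);
            e.printStackTrace(System.out);
        }
    }

    /**
     * Builds the {@code SSLContext}, loaded with the configured key material,
     * that the HttpClient uses for its requests.
     */
    public static class SSLFactory {

        // NOTE(review): sample values. A keystore password committed in source is
        // readable by anyone with access to the repository or the compiled class;
        // supply it from protected configuration or a secrets store in real use.
        private static final String jksFilePath = "C:/Users/Desktop/certs.jks";
        private static final String jksPwd = "password";

        public SSLFactory() {
            System.out.println("Get a Socket Factory Loaded with Custom certs");
        }

        /**
         * Creates an {@code SSLContext} whose key managers are backed by the JKS
         * keystore.
         *
         * <p>The same password is used for the store and for its key entries.
         *
         * @return a freshly built context, never {@code null}
         * @throws IllegalStateException if the keystore cannot be loaded or the
         *         context cannot be built; failing here avoids handing a
         *         {@code null} or stale context to the HTTP client
         */
        public static SSLContext getSSLContext() {
            try {
                return SSLContexts.custom()
                        .loadKeyMaterial(loadKeyStore(), jksPwd.toCharArray())
                        .build();
            } catch (Exception e) {
                System.out.println(" KeyStore getSSLContext Exception " + e);
                throw new IllegalStateException("Unable to build SSLContext from keystore " + jksFilePath, e);
            }
        }

        /**
         * Loads the keystore file from {@code jksFilePath}.
         *
         * @return the loaded keystore, never {@code null}
         * @throws IllegalStateException if the file is missing, unreadable, or
         *         the password does not match
         */
        public static KeyStore loadKeyStore() {
            try (InputStream in = new FileInputStream(new File(jksFilePath))) {
                KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                System.out.println("KEYSTORE INIT");

                keyStore.load(in, jksPwd.toCharArray());
                return keyStore;
            } catch (Exception e) {
                System.out.println(" Loading KeyStore Exception " + e);
                throw new IllegalStateException("Unable to load keystore " + jksFilePath, e);
            }
        }

    }

}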


       
 


AWS Certificate Manager - Import Certificate

How to import a certificate. Use Key Store Explorer to open the cert and export keypair in PEM format  This will save a file cert.pem. Make ...