需要使用.cer证书进行GET& POST HTTPS请求 [英] Need to do a GET&POST HTTPS Request using a .cer certificate

问题描述

我有一个.cer自签名证书，我需要使用它来向JAVA中的Web服务发出GET / POST请求。我对这个概念完全陌生。我已经搜索了很多关于如何做到这一点，但没有任何帮助我。在这样做时，我遇到了java keystore&信托商店我想这可以用来完成我的任务。有人可以帮助我了解Java Keystore的工作原理。请建议是否有其他方法可以做到这一点。任何形式的帮助表示赞赏。在此先感谢。

I have a .cer self-signed certificate using which I need to make a GET/POST Request to a Webservice in JAVA. I'm totally new to this concept. I have googled a lot about how to do this, but nothing helped me. While doing this, I came across java keystore & truststore & I guess this can be used to accomplish my task. Can someone be kind enough to help me understand how java Keystore works. Please suggest if there is some other way to do this. Any kind of help is appreciated. Thanks in advance.

推荐答案

基本上，密钥库是地方（通常是文件），您可以在其中放置数字证书及其相应的私钥（只有当你是证书的所有者时才会拥有私钥 - 这是一个简化的解释，但我认为现在已经足够了）

Basically, a keystore is "place" (usually a file) where you can put digital certificates and its corresponding private keys (you'll have the private key only if you're the owner of the certificate - that's a simplified explanation, but I think it's good enough for now)

当您获得/发布到https URL时，这意味着您访问的服务器具有自己的数字证书。要成功访问它，您需要信任该证书。在java中，您可以通过创建包含证书和相应链的密钥库来实现（每个证书都由具有证书的其他实体签名，或者它是自签名的。因此您获得签署证书的证书，证书谁签署签名者，等等，直到你得到一个自签名的，所有这些证书都是链 - 你需要将所有链证书放在密钥库中）
这个特定的密钥库叫做truststore（包含所有可信证书的商店。）

When you get/post to a https URL, it means that the server you're accessing has its own digital certificate. And to successfully access it, you need to trust that certificate. In java you can do it by creating a keystore that contains the certificate and the corresponding chain (each certificate is signed by some other entity who also has a certificate, or it's self signed. So you get the certificate who signed it, the certificate who signed the signer, and so on, until you get to a self signed one, and all of these certificates are the chain - you need to put all the chain certificates inside the keystore) This specific keystore is called truststore (the store that contains all trusted certificates).

您拥有的自签名证书是服务证书吗？如果是这样，只需用它创建一个密钥库并将其设置为您的信任存储。

The self signed certificate that you have is the service's certificate? If so, just create a keystore with it and set it as your trust store.

如何创建密钥库： https://docs.oracle.com/cd/E19509-01/820-3503/ggfen/index。 html （或Keystore类的搜索示例）

How to create a keystore: https://docs.oracle.com/cd/E19509-01/820-3503/ggfen/index.html (or search examples for the Keystore class)

如何设置信任存储： java SSL和证书密钥库

这篇关于需要使用.cer证书进行GET& POST HTTPS请求的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！