I am trying to access the REST API through rest assured library in java, this API is secured with SSL certificate and key. Is there a way to pass the certificate and key and access the REST API? I tried with RestAssured.Keystore() method by importing the certificate and key to keystore but it does not work.
Any help on this is much appreciated..!!
You may need to set both the keystore and trustStore (this would be your cacert file).
RestAssured.keystore("path_to_jks_file", "keystore_passsword");
RestAssured.trustStore("path_to_cacert", "trustStore_password");
The default password for cacert is changeit.
There was a bug on this in the earlier versions of RestAssured, but it's been fixed since v3.0.2. So be sure to use the latest.
Create a SpringBoot or java application like this:
HttpHeaders headers = new HttpHeaders();
headers.set(HttpHeaders.USER_AGENT, "YOURS/1.0.0");
headers.set("X-App-Username", "YOURS");
headers.set("App-Username", "YOURS");
headers.set(HttpHeaders.CONTENT_TYPE, "application/json");
headers.set(HttpHeaders.CONNECTION, "Keep-Alive");
headers.set(HttpHeaders.HOST, "IP");
headers.set(HttpHeaders.ACCEPT_LANGUAGE, "pt-BR");
headers.add("Accept","application/json;charset=UTF-8");
headers.setContentType(MediaType.APPLICATION_JSON_UTF8);
request = new HttpEntity<HttpHeaders>(headers);
System.setProperty("javax.net.ssl.trustStore", "YOUR_PATH/clientcert.jks");
System.setProperty("javax.net.ssl.trustStorePassword", "pwd123");
System.setProperty("javax.net.ssl.trustStoreType", "JKS");
System.setProperty("javax.net.ssl.keyStore", "YOUR_PATH/trustStore.jks");
System.setProperty("javax.net.ssl.keyStorePassword", "pwd123");
System.setProperty("javax.net.ssl.keyStoreType", "JKS");
System.setProperty("javax.net.ssl.keyAlias", "localhost");
System.setProperty("javax.net.ssl.enabled", "true");
System.setProperty("javax.net.ssl.defaul-type", "JKS");
System.setProperty("javax.net.ssl.client-auth", "need");
System.setProperty("javax.net.ssl.protocols", "TLSv1.2");
TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkClientTrusted(X509Certificate[] certs, String authType) { }
public void checkServerTrusted(X509Certificate[] certs, String authType) { }
} };
SSLContext sc = null;
try {
sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
} catch (KeyManagementException e) {
e.printStackTrace();
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
HostnameVerifier allHostsValid = new HostnameVerifier() {
public boolean verify(String hostname, SSLSession session) {
return true;
}
};
HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid);
requestEntity = new HttpEntity<LinkedMultiValueMap<String, Object>>(null, headers);
responseEntity = null;
mapper = new ObjectMapper();
mapper.configure(DeserializationFeature.USE_JAVA_ARRAY_FOR_JSON_ARRAY, true);
You can use org.springframework.web.client.RestTemplate if your are using Spring.
Using spring, you can set this in a config file (application.yml):
server:
port: 9090
address: 0.0.0.0
contextPath: /your-url
ssl:
key-store: classpath:clientcert.jks
key-store-password: pwd123
key-alias: localhost
#enabled: true
trust-store: classpath:trustStore.jks
trust-store-password: pwd123
defaul-type: JKS
client-auth: need
protocols: TLSv1.2
