
I am working on an Apple Pay POC and, in the process, am trying to consume a REST service, but I am having a hard time connecting to that server through Java code.

However, it works fine with the curl command below.

curl -v --cert publicCert.pem:srk --key privateKey.pem -H Content-type:application/json --request POST --data '{
    "merchantIdentifier": "merchant.com.xxxx.srk-demos",
    "displayName": "poc",
    "initiative": "web",
    "initiativeContext": "srk-demos.xxxx.com"
}' https://apple-pay-gateway-cert.apple.com/paymentservices/startSession

All I have got is a merchant.p12 file, from which I have extracted the private key and public certificate in PEM format. The private key has the same password as the p12 file, which is srk in this case.

I am using Spring Boot with RestTemplate to consume the service. I imported the mic.p12 directly into a jks and placed the jks in the resources folder of my Spring Boot app.

I loaded this jks through code, as suggested in the approach by Sasha Shpota for this relevant StackOverflow question, but it didn't work in my case either.

Any thoughts or pointers on this are appreciated. I can call the above working curl command using the java.lang.Runtime class, but I believe that's not the efficient Java way of doing it.

I am using OpenJDK 8.

srk
    darn certificates. who knows where the request tries to find a certificate ... there's the documentation how to debug [ssl stuff](https://docs.oracle.com/javase/7/docs/technotes/guides/security/jsse/ReadDebug.html) how you find something useful there. – Curiosa Globunznik Dec 08 '19 at 20:42

1 Answer

I have followed this post and it worked for me.

I created an identity store that holds the private key and public certificate, and a trust store that contains the server certificate.

What did I miss previously? I tried to load the p12 file using the following code snippet:

try(CloseableHttpClient httpClient = HttpClients.custom().setSSLSocketFactory(yourLoadSSLFunction()).build()){
}

which should not be enclosed in try-with-resources; rather, it should be used like this:

CloseableHttpClient httpClient = HttpClients.custom().setSSLSocketFactory(yourLoadSSLFunction()).build();

RestTemplate restTemplate = new RestTemplate();
HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(httpClient);
restTemplate.setRequestFactory(requestFactory);
srk
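
The pattern from the answer above, written out as an added example (not code from the original post): the hypothetical `loadSslSocketFactory` stands in for `yourLoadSSLFunction()`, reads the PKCS#12 file directly, and fails early if it holds no private key, since in that case no client certificate would be presented. It assumes Apache HttpClient 4.x with Spring 5; the class name, path and password handling are illustrative.

```java
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.util.Collections;
import javax.net.ssl.SSLContext;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.ssl.SSLContexts;
import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
import org.springframework.web.client.RestTemplate;

public final class MutualTlsRestTemplateFactory {

    // Hypothetical helper: builds the socket factory that presents the client certificate.
    static SSLConnectionSocketFactory loadSslSocketFactory(String p12Path, char[] password)
            throws GeneralSecurityException, IOException {
        KeyStore identity = KeyStore.getInstance("PKCS12");
        try (InputStream in = Files.newInputStream(Paths.get(p12Path))) {
            identity.load(in, password); // closing this stream is fine; the keys are now in memory
        }
        boolean hasKey = false;
        for (String alias : Collections.list(identity.aliases())) {
            hasKey |= identity.isKeyEntry(alias);
        }
        if (!hasKey) {
            throw new KeyStoreException("No private key entry in " + p12Path);
        }
        SSLContext context = SSLContexts.custom()
                .loadKeyMaterial(identity, password) // client certificate and private key
                .build();                            // server trust: JDK default trust store
        return new SSLConnectionSocketFactory(context); // default hostname verification stays on
    }

    static RestTemplate build(String p12Path, char[] password)
            throws GeneralSecurityException, IOException {
        // Deliberately not in try-with-resources: closing the client here would shut
        // down its connection manager before RestTemplate sends its first request.
        CloseableHttpClient httpClient = HttpClients.custom()
                .setSSLSocketFactory(loadSslSocketFactory(p12Path, password))
                .build();
        return new RestTemplate(new HttpComponentsClientHttpRequestFactory(httpClient));
    }
}
```

Supply the password from configuration or a secret store rather than source code, and close the HTTP client when the application shuts down.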