
From my Java application, I want to connect to the remote host and get the response from that host through REST. I have the certificate of that site, so I installed it in lib\security\cacerts in my local environment.

Then I used the following code to connect:

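    import java.net.URL;
    import javax.net.ssl.HttpsURLConnection;

    // USER_AGENT is a String constant defined elsewhere in the class
    URL obj = new URL("https://ip/security/sso/?");
    HttpsURLConnection con = (HttpsURLConnection) obj.openConnection();
    con.setRequestMethod("GET");
    con.setRequestProperty("User-Agent", USER_AGENT);
    int responseCode = con.getResponseCode();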

It works perfectly locally and I am getting a 200 response as expected.

But when I want to deploy this code on a Kubernetes environment, that team is saying they can't install this certificate in cacerts (I don't understand much about Kubernetes) and suggested that I keep the certificate in some location, read that .jks certificate through Java code, and then connect to the https site.

I am not sure how to write that code. I tried it this way, but it did not work:

    final String allPassword = "changeit";
    SSLContext sslContext = null;

    try {
         sslContext = SSLContextBuilder.create()
                .loadKeyMaterial(ResourceUtils.getFile("C:\\certificate\\abc.jks"), allPassword.toCharArray(),
                        allPassword.toCharArray())
                .build();

    } catch (KeyManagementException | UnrecoverableKeyException | NoSuchAlgorithmException | KeyStoreException
            | CertificateException | IOException e1) {
        // TODO Auto-generated catch block
        e1.printStackTrace();
    }
    HttpClient client = HttpClients.custom().setSSLContext(sslContext).build();
    HttpGet getMethod = new HttpGet(obj.toString());
    HttpResponse response = client.execute(getMethod);

I am getting ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException

Do you have any idea how I can validate that certificate through code without installing it in cacerts?

Patrick Mevzek
Sandeep
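
One way to do what the question describes, as an added example that is not part of the original post: load the .jks as trust material through the JDK's `TrustManagerFactory` and attach the resulting `SSLContext` to a single connection, so the server's chain is validated against that file instead of cacerts. The class name, the command-line arguments and the `TRUSTSTORE_PASSWORD` environment variable are assumptions made for the example.

```java
import java.io.InputStream;
import java.net.URL;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

public class TrustStoreClient {

    // Builds an SSLContext that trusts only what is in the given JKS file.
    static SSLContext contextFromTrustStore(String jksPath, char[] password) throws Exception {
        KeyStore trustStore = KeyStore.getInstance("JKS");
        try (InputStream in = Files.newInputStream(Paths.get(jksPath))) {
            trustStore.load(in, password);
        }
        if (trustStore.size() == 0) {
            throw new IllegalStateException("no entries in " + jksPath);
        }
        // Trust material (not key material): used to validate the server's chain.
        TrustManagerFactory tmf =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trustStore);

        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, tmf.getTrustManagers(), null); // no client key, default SecureRandom
        return ctx;
    }

    public static void main(String[] args) throws Exception {
        // Assumptions: args[0] = path to the .jks file, args[1] = https URL,
        // password in the TRUSTSTORE_PASSWORD environment variable (hypothetical name).
        String pw = System.getenv("TRUSTSTORE_PASSWORD");
        if (args.length != 2 || pw == null) {
            System.err.println("usage: TRUSTSTORE_PASSWORD=... java TrustStoreClient <jks> <url>");
            System.exit(2);
        }
        SSLContext ctx = contextFromTrustStore(args[0], pw.toCharArray());

        HttpsURLConnection con = (HttpsURLConnection) new URL(args[1]).openConnection();
        // Scope the trust store to this connection; the JVM-wide cacerts is untouched.
        con.setSSLSocketFactory(ctx.getSocketFactory());
        con.setRequestMethod("GET");
        System.out.println("HTTP " + con.getResponseCode());
    }
}
```

Hostname verification stays enabled here, so the certificate must list the host name or IP address used in the URL among its subject alternative names.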