Achieve external api calls using Spring WebClient and .p12 cert

Question

I have .p12 certificate inside my project placed into recources directory. All I want to do is to use this file to make external api calls. So I have read some info about how to achieve this:

private WebClient getWebClient() {
  HttpClient httpClient = HttpClient.create();

  httpClient.secure(spec -> {
    KeyStore keyStore = KeyStore.getInstance("PKCS12");
    keyStore.load(new FileInputStream(ResourceUtils.getFile(keyStorePath)), keyStorePass.toCharArray());

    // Set up key manager factory to use key-store
    KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
    keyManagerFactory.init(keyStore, keyStorePass.toCharArray());
    
    spec.sslContext(SslContextBuilder.forClient()
        .keyManager(keyManagerFactory)
        .build());
  });

  return WebClient
      .builder()
      .clientConnector(new ReactorClientHttpConnector(httpClient))
      .build();
}

After the external api call I get:

unable to find valid certification path to requested target; nested exception is javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Thank you guys in advance for any solutions.

score 1 · Answer 1 · edited Oct 21 '22 at 08:07

1

I propose to load p12 file via Resource loader API as an alternative approach.

edited Oct 21 '22 at 08:07

Yunnosch

26,130
9
42
54

answered Oct 21 '22 at 07:48

Gaurav

11
1

Achieve external api calls using Spring WebClient and .p12 cert

1 Answers1