Payment system Rapida. How to place certificates in java?

There is a file Certificate.key (RSA), is file Certificate.cer received from Rapida is soft inherited. How to teach Java to use the certificate?


I have to have two files *.cer (clientCert) and *.key (privateKey)

Pokopavshis found in the code line

R1 PEMReader = new PEMReader(new StringReader(data.paramNamed("privateKey")));

R2 PEMReader = new PEMReader(new StringReader(data.paramNamed("clientCert")));

And then I have hung at all :(

As *.key to *.pem and *.cer to *.pem to implement


And that Java speaks hoarsely the following error


INFO 05.03.12 12:04:38.053 [Thread-5] Http GET request (timeout: 0 ms) on gate.rapida.ru/gate?function=getbalance&PaymExtId=...

headers:

status: null

ERROR 05.03.12 12:04:38.291 [Thread-5] Updating balance of ProcessingData(id: 1180;type: 175) failed

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.the certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1611)

at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:187)

at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:181)

at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1035)

at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:124)

at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516)

at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1112)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:623)

at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)

at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)

at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)

at org.apache.commons.httpclient.HttpConnection.flushRequestOutputStream(HttpConnection.java:828)

at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.flushRequestOutputStream(MultiThreadedHttpConnectionManager.java:1565)

at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2116)

at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)

at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)

at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)

at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)

at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)

at fs.core.tools.InternetProvider.executeWithClientCert(InternetProvider.java:181)

at fs.plugins.rapida.RapidaGateway.sendMessage(RapidaGateway.java:189)

at fs.plugins.rapida.RapidaBalanceRequest.execute(RapidaBalanceRequest.java:15)

at fs.core.domain.ProcessingData.updateBalance(ProcessingData.java:261)

at fs.offline.balances.GatewayBalanceUpdater.body(GatewayBalanceUpdater.java:100)

at fs.core.services.Service.run(Service.java:196)

at java.lang.Thread.run(of the Thread.java:619)

Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.the certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:285)

at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:191)

at sun.security.validator.Validator.validate(Validator.java:218)

at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126)

at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209)

at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:249)

at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1014)

... 24 more

Caused by: sun.security.provider.the certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

at sun.security.provider.the certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174)

at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)

at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:280)

... 30 more
October 8th 19 at 02:29
4 answers
October 8th 19 at 02:31
You want to add .cer files in the keystore system.
No idea where the file Rapida, you'll just have to find out.

Or you can add to the root store of the JRE (keytool -import-trustcacerts -file Certificate.cer -alias RAPIDA -keystore $JAVA_HOME/jre/lib/security/cacerts)
The default password is changeme
Oh throws an error "keytool error: java.lang.Exception: Input not an X. 509 certificate" - Freida.Wintheiser commented on October 8th 19 at 02:34
libc6.org/page/hot-to-add-cert-in-openfire/ I once a long time tinkering with this, I hope will help - rosella_Bergna commented on October 8th 19 at 02:37
But if the application client? - Kellie.Heidenreich17 commented on October 8th 19 at 02:40
October 8th 19 at 02:33

Try to use here this decision.

October 8th 19 at 02:35

On the website Rapida is an example ofhow to connect to their server from Java s. No problems got everything. The tests went.

October 8th 19 at 02:37
The option of dobavlenie in the jre is not very good, as it will require patching every time after upgrading. Certificate plus sooner or later will rot and you will have other bugs, so it is better to follow the date programmatically.
You can view and download the certificate manually(e.g. via a browser), and then each time you start the application, dynamically load.
Decided there is a similar problem for a client. Decided to upgrade to the latest version in the branch. There needed root certificates. What's your JDK version?
Agree with .First, you must understand what constructors supports PemReader in your code.
For example :

com.google.api.client.util.PemReader
PemReader r = new PemReader(new the InputStreamReader(is));

Thus, you can read the certificate file from the filesystem and pass it as stream to the constructor of PemReader - Freida.Wintheiser commented on October 8th 19 at 02:40

Find more questions by tags Java