首页 \ 问答 \ 使用HttpClient与SSL和证书(Using HttpClient with SSL and certificates)

使用HttpClient与SSL和证书(Using HttpClient with SSL and certificates)

 虽然我已经熟悉HTTPS和SSL的概念,但我最近开始了一些开发,发现我有点困惑。 
 

 要求是我编写了一个小型Java应用程序,它运行在连接到扫描仪的机器上。 扫描文档时,将拾取该文档并将文件(通常为PDF)通过Internet发送到我们的应用程序服务器,然后处理该文件。 我使用Apache Commons库和HTTPClient编写了应用程序。 
 

 第二个要求是通过SSL连接,需要证书。 按照HTTPclient页面上的指导,我使用了贡献页面中的AuthSSLProtocolSocketFactory。 
 

 构造函数可以使用密钥库,密钥库密码,信任库和信任库密码。 作为初步测试,我们的DBA在我们的一个开发Web服务器上启用了SSL,并为我提供了一个.p12文件,当我导入IE时,我可以成功连接。 
 

 我在密钥库和信任库之间有点困惑,我需要使用keytool采取什么步骤。 我尝试将p12导入密钥库文件,但得到错误: 
 

keytool error: java.lang.Exception: Input not an X.509 certificate

 

 我遵循了将p12导入Internet Explorer并导出为.cer的建议,然后我可以成功导入到密钥库中。 当我把它作为AuthSSLProtocolSocketFactory的keystore参数提供时,我得到了一个毫无意义的错误,但是如果我把它作为一个信任库来尝试它看起来好像读得很好但最终我得到了 
 

Caused by: javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate

 

 我不确定我是否错过了一些步骤,我完全误解了SSL和相互认证,或者这是服务器端的错误配置。 
 

 任何人都可以提供建议或指向我可能帮助我解决这个问题的资源吗? 

While I've been familiar with HTTPS and the concept of SSL, I have recently begun some development and found I am a little confused.
 

The requirement was that I write a small Java application that runs on a machine attached to a scanner. When a document is scanned this is picked up and the file (usually PDF) sent over the internet to our application server that will then process it. I've written the application using Apache Commons libraries and HTTPClient. 
 

The second requirement was to connect over SSL, requiring a certificate. Following guidance on the HTTPclient page I am using AuthSSLProtocolSocketFactory from the contributions page.
 

The constructor can take a keystore, keystore password, truststore and truststore password. As an initial test our DBA enabled SSL on one of our development webservers and provided me with a .p12 file which when I imported into IE allows me to connect successfully.
 

I am a bit confused between keystores and truststores and what steps I need to take using the keytool. I tried importing the p12 into a keystore file but get the error:
 

keytool error: java.lang.Exception: Input not an X.509 certificate

 

I followed a suggestion of importing the p12 into Internet Explorer and exporting as a .cer which I can then successfully import into a keystore. When I supply this as a keystore argument of the AuthSSLProtocolSocketFactory I get a meaningless errror, but if I try it as a truststore it seems like it reads it fine but ultimately I get
 

Caused by: javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate

 

I am unsure if I have missed some steps, I am misunderstanding SSL and mutual authentication altogether or this is mis-configuration on the server side.
 

Can anyone provide suggestions or point me towards resources that might help me figure this out please?

原文:https://stackoverflow.com/questions/2774722
更新时间:2023-05-11 22:05

最满意答案

 您需要在应用程序中执行此操作。 CASE表达式不能用于控制流程。 许多RDBMS为此目的支持IF语句,但SQLite不支持。 SQLite的SQL方言不支持SQL控制流。 
 

 对于此问题,您可以尝试使用SQLite的INSERT OR REPLACE语法 ,但查看您的查询似乎与您尝试执行的操作完全匹配。 您将在碰撞时更新Signature,Mode,BlockID,OutputValue和PoolHeight,而您似乎只想更新BlockID和PoolHeight。 
 

 您可以使用INSERT [...] ON CONFLICT UPDATE语句,但我之前没有使用过所谓的UPSERT子句 。 我相信它看起来像这样: 
 

INSERT INTO Transactions (Hash, Time, _fROM, Signature, Mode, BlockID, OutputValue, PoolHeight) 
VALUES('VLEYCBLTDGGLHVQEWWIQ', 1531739096, 'GENESIS', 'GENESIS', - 1, 0, 0, NULL)
ON CONFLICT (Hash, Time) DO UPDATE SET BlockID = 0, PoolHeight = NULL 
    WHERE Hash = 'VLEYCBLTDGGLHVQEWWIQ' AND Time = 1531739096;

 

 但是,我自己从未在SQLite上使用过这种语句,所以我不确定它的确如何表现。 它似乎要求为CONFLICT指定的列被索引。 我不完全确定WHERE子句在这里是必要的。 阅读文档并首先进行广泛的测试。 
 

 另一种选择是每次只运行UPDATE语句,然后如果你得到零记录,则运行INSERT。 

You will need to do that in your application. The CASE expression cannot be used for control flow. Many RDBMSs support an IF statement for that purpose, but SQLite does not. SQLite's dialect of SQL does not support control flow with SQL.
 

For this problem, you can try using SQLite's INSERT OR REPLACE syntax, but looking at your queries it does not seem to 100% match what you're trying to do. You'd be updating Signature, Mode, BlockID, OutputValue, and PoolHeight on a collision, while it looks like you only want to update BlockID and PoolHeight.
 

You may be able to use an INSERT [...] ON CONFLICT UPDATE statement, but I haven't used the so-called UPSERT clause before. I believe it would look like this:
 

INSERT INTO Transactions (Hash, Time, _fROM, Signature, Mode, BlockID, OutputValue, PoolHeight) 
VALUES('VLEYCBLTDGGLHVQEWWIQ', 1531739096, 'GENESIS', 'GENESIS', - 1, 0, 0, NULL)
ON CONFLICT (Hash, Time) DO UPDATE SET BlockID = 0, PoolHeight = NULL 
    WHERE Hash = 'VLEYCBLTDGGLHVQEWWIQ' AND Time = 1531739096;

 

However, I've never used this statement myself on SQLite, so I'm not sure of exactly how it behaves. It does seem to require that the columns specified for CONFLICT are indexed. I'm not entirely sure the WHERE clause is even necessary here. Read the doc and do extensive testing first.
 

The other option would be to simply run the UPDATE statement every time, and then if you get zero records affected run the INSERT.

相关问答

更多

相关文章

更多
  • HttpClient 获取HTTPS证书和忽略证书错误
  • 了解 https ssl数字证书,关注 GlobalSign 微信,拿优盘
  • 了解 https ssl数字证书,关注 GlobalSign 微信,拿优盘
  • httpclient get请求
  • java server怎样和c++ client实现SSL通信??
  • HttpClient 异常与重试机制
  • httpclient post 请求
  • httpClient快速入门
  • HttpClient CacheConfig缓存处理示例
  • HttpClient DELETE请求示例

    • 最新问答

    更多
  • 获取MVC 4使用的DisplayMode后缀(Get the DisplayMode Suffix being used by MVC 4)
  • 如何通过引用返回对象?(How is returning an object by reference possible?)
  • 矩阵如何存储在内存中?(How are matrices stored in memory?)
  • 每个请求的Java新会话?(Java New Session For Each Request?)
  • css:浮动div中重叠的标题h1(css: overlapping headlines h1 in floated divs)
  • 无论图像如何,Caffe预测同一类(Caffe predicts same class regardless of image)
  • xcode语法颜色编码解释?(xcode syntax color coding explained?)
  • 在Access 2010 Runtime中使用Office 2000校对工具(Use Office 2000 proofing tools in Access 2010 Runtime)
  • 从单独的Web主机将图像传输到服务器上(Getting images onto server from separate web host)
  • 从旧版本复制文件并保留它们(旧/新版本)(Copy a file from old revision and keep both of them (old / new revision))
  • 西安哪有PLC可控制编程的培训
  • 在Entity Framework中选择基类(Select base class in Entity Framework)
  • 在Android中出现错误“数据集和渲染器应该不为null,并且应该具有相同数量的系列”(Error “Dataset and renderer should be not null and should have the same number of series” in Android)
  • 电脑二级VF有什么用
  • Datamapper Ruby如何添加Hook方法(Datamapper Ruby How to add Hook Method)
  • 金华英语角.
  • 手机软件如何制作
  • 用于Android webview中图像保存的上下文菜单(Context Menu for Image Saving in an Android webview)
  • 注意:未定义的偏移量:PHP(Notice: Undefined offset: PHP)
  • 如何读R中的大数据集[复制](How to read large dataset in R [duplicate])
  • Unity 5 Heighmap与地形宽度/地形长度的分辨率关系?(Unity 5 Heighmap Resolution relationship to terrain width / terrain length?)
  • 如何通知PipedOutputStream线程写入最后一个字节的PipedInputStream线程?(How to notify PipedInputStream thread that PipedOutputStream thread has written last byte?)
  • python的访问器方法有哪些
  • DeviceNetworkInformation:哪个是哪个?(DeviceNetworkInformation: Which is which?)
  • 在Ruby中对组合进行排序(Sorting a combination in Ruby)
  • 网站开发的流程?
  • 使用Zend Framework 2中的JOIN sql检索数据(Retrieve data using JOIN sql in Zend Framework 2)
  • 条带格式类型格式模式编号无法正常工作(Stripes format type format pattern number not working properly)
  • 透明度错误IE11(Transparency bug IE11)
  • linux的基本操作命令。。。

    • Copyright ©2023 peixunduo.com All Rights Reserved.粤ICP备14003112号

    本站部分内容来源于互联网,仅供学习和参考使用,请莫用于商业用途。如有侵犯你的版权,请联系我们(neng862121861#163.com),本站将尽快处理。谢谢合作!