From a Self-Signed Certificate to a Java Client

Posted at 2024-01-20

Refer to the following procedure.

Procedure for creating a self-signed certificate

Creating the private key

[root@docker163 ~]# openssl genrsa -aes128 2048 > server.key
Generating RSA private key, 2048 bit long modulus (2 primes)
.......................+++++
.......................................+++++
e is 65537 (0x010001)
Enter pass phrase:
Verifying - Enter pass phrase:
[root@docker163 ~]#

Creating the CSR (Certificate Signing Request) file


[root@docker163 ~]# openssl req -new -key server.key > server.csr
Enter pass phrase for server.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:JP
State or Province Name (full name) []:TOKYO
Locality Name (eg, city) [Default City]:XXX
Organization Name (eg, company) [Default Company Ltd]:XXX
Organizational Unit Name (eg, section) []:XXX
Common Name (eg, your name or your server's hostname) []:192.168.2.251
Email Address []:^C
[root@docker163 ~]# openssl req -new -key server.key > server.csr
Enter pass phrase for server.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:JP
State or Province Name (full name) []:JP
Locality Name (eg, city) [Default City]:JP
Organization Name (eg, company) [Default Company Ltd]:JP
Organizational Unit Name (eg, section) []:JP
Common Name (eg, your name or your server's hostname) []:192.168.2.163
Email Address []:

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []: keXnkXenX
An optional company name []:XXX

Creating the self-signed certificate

[root@docker163 ~]# openssl x509 -in server.csr -days 365000 -req -signkey server.key > server.crt
Signature ok
subject=C = JP, ST = JP, L = JP, O = JP, OU = JP, CN = 192.168.2.163
Getting Private key
Enter pass phrase for server.key:
[root@docker163 ~]#

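Unexpectedly, I struggled with the Apache configuration.
What I did:
Commented out the Listen part of ssl.conf
Wrote the VirtualServer as follows
* To be pasted here later

The keytool log was lost. Doing it as follows worked.
The password changeit is fine.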

keytool -import -trustcacerts -file "C:\pleiades\server.crt" -keystore "C:\pleiades\2022-12\java\8\jre\lib\security\cacerts" -alias ca

After the import, I confirmed that the SSL error was gone.

Finally
Connecting from a Java client created in Eclipse

Where the code was lifted from

package httpclient;

import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;

import org.apache.http.HttpStatus;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;

class Sample {

	void runSample() {
		Charset charset = StandardCharsets.UTF_8;
		
		CloseableHttpClient httpclient = HttpClients.createDefault();
		HttpGet request = new HttpGet("https://192.168.2.163/aaa.html");
		
		System.out.println
			("requestの実行 「" + request.getRequestLine() + "」");
			// Prints: requestの実行 「GET https://192.168.2.163/aaa.html HTTP/1.1」
		
		CloseableHttpResponse response = null;

		try {
			response = httpclient.execute(request);
			
			int status = response.getStatusLine().getStatusCode();
			System.out.println("HTTPステータス:" + status);
			// Prints: HTTPステータス:200
			
			if (status == HttpStatus.SC_OK){				
				String responseData = 
					EntityUtils.toString(response.getEntity(),charset);				
				System.out.println(responseData);
				// The retrieved data is printed
			}
		} catch (ClientProtocolException e) {
			e.printStackTrace();
		} catch (UnsupportedEncodingException e) {
			e.printStackTrace();
		} catch (IOException e) {
			e.printStackTrace();
		} finally {
			try {
				if (response != null) {
					response.close();
				}
				if (httpclient != null) {
					httpclient.close();
				}
			} catch (IOException e) {
				e.printStackTrace();
			}
		}
	}
}
public class HttpClientTest {
	public static void main(String[] args) {
		Sample s = new Sample();
		s.runSample();
	}
	
	
}


