I have a client cert, key, and cacert to work with. The curl for the code I want would be:

    curl https://<ip>/query --cert client_cert.pem --key client_key.pem --cacert ca_cert.pem "-d <post data>"

I have tried to combine these files into a PFX (and p12) since that seems to be the required format but I'm not sure I did it correctly:

    openssl pkcs12 -export -out client.pfx -inkey client_key.pem -in client_cert.pem -certfile ca_cert.pem

I initially received an error about not having a SAN defined in my cert. I have since added some code that should ignore this, but I don't think it's the cause of my problem. I receive a 404 as a result from the POST, when a curl gives me the actual expected content.

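    import java.io.FileInputStream;
    import java.security.KeyStore;
    import java.util.ArrayList;
    import java.util.List;
    import javax.net.ssl.SSLContext;
    import org.apache.http.HttpResponse;
    import org.apache.http.NameValuePair;
    import org.apache.http.client.HttpClient;
    import org.apache.http.client.entity.UrlEncodedFormEntity;
    import org.apache.http.client.methods.HttpPost;
    import org.apache.http.conn.ssl.NoopHostnameVerifier;
    import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
    import org.apache.http.impl.client.HttpClients;
    import org.apache.http.message.BasicNameValuePair;
    import org.apache.http.ssl.SSLContexts;

    KeyStore keyStore = KeyStore.getInstance("PKCS12");
    keyStore.load(new FileInputStream("client.pfx"), keyPassphrase.toCharArray());

    SSLContext sslContext = SSLContexts.custom()
        .loadKeyMaterial(keyStore, keyPassphrase.toCharArray())       // client key + cert
        .loadTrustMaterial(keyStore, TrustSelfSignedStrategy.INSTANCE) // same PKCS12 store reused as trust store
        .build();

    HttpClient httpClient = HttpClients.custom()
        .setSSLHostnameVerifier(new NoopHostnameVerifier()) // hostname verification switched off
        .setSSLContext(sslContext)
        .build();
    HttpPost httpPost = new HttpPost("https://" + ip + "/query");
    List<NameValuePair> params = new ArrayList<NameValuePair>();
    params.add(new BasicNameValuePair(postKey, postVal));
    httpPost.setEntity(new UrlEncodedFormEntity(params)); // form-encoded POST body

    HttpResponse response = httpClient.execute(httpPost);
    System.out.println(response.toString());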

Gives

    HttpResponseProxy{HTTP/1.1 404 Not Found [Date: Sun, 28 Oct 2018 02:11:55 GMT, Server: Apache/2.4.29 (Ubuntu), Content-Length: 280, Keep-Alive: timeout=5, max=100, Connection: Keep-Alive, Content-Type: text/html; charset=iso-8859-1] ResponseEntityProxy{[Content-Type: text/html; charset=iso-8859-1,Content-Length: 280,Chunked: false]}}

Any ideas if my code is wrong or if it's the certs or what? From what I can tell I have made the pfx correctly, and the certs obviously work if the curl works. I've been working on this for a while and am not able to figure it out.

Edit: The original code ("https//" vs "https://") was a typo on Stack Overflow due to me debugging. That wasn't the issue.

1 Answer

Add a colon (:) after the https.

    HttpPost httpPost = new HttpPost("https//" + ip + "/query");    // old
    HttpPost httpPost = new HttpPost("https://" + ip + "/query");   // new
1 Comment

This was a typo in my post (I tried removing the s and testing with ssl and ended up removing the colon). The code has the colon and I still get a 404.
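
The Java counterpart of curl's `--cacert ca_cert.pem`, as an added example that is not code from the question, the answer, or the comment: it loads the CA file into its own trust store instead of reusing the PKCS12 bundle with `TrustSelfSignedStrategy`, and leaves hostname verification on. The class and method names are hypothetical, Apache HttpClient 4.5 is assumed, and it covers the TLS trust configuration only, not the 404.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import javax.net.ssl.SSLContext;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.ssl.SSLContexts;

// Hypothetical helper class, not from the original post.
public class MutualTlsClient {

    // Client identity: the PKCS12 bundle built from client_key.pem + client_cert.pem.
    static KeyStore loadIdentity(String pfxPath, char[] passphrase) throws Exception {
        KeyStore identity = KeyStore.getInstance("PKCS12");
        try (InputStream in = new FileInputStream(pfxPath)) {
            identity.load(in, passphrase);
        }
        return identity;
    }

    // Trust anchors: only the certificates in ca_cert.pem, as with curl --cacert.
    static KeyStore loadTrustAnchors(String caPemPath) throws Exception {
        CertificateFactory x509 = CertificateFactory.getInstance("X.509");
        KeyStore trust = KeyStore.getInstance(KeyStore.getDefaultType());
        trust.load(null, null); // start from an empty in-memory store
        try (InputStream in = new FileInputStream(caPemPath)) {
            int i = 0;
            for (Certificate ca : x509.generateCertificates(in)) {
                trust.setCertificateEntry("ca-" + i++, ca);
            }
        }
        return trust;
    }

    static CloseableHttpClient build(String pfxPath, char[] passphrase, String caPemPath)
            throws Exception {
        SSLContext sslContext = SSLContexts.custom()
            .loadKeyMaterial(loadIdentity(pfxPath, passphrase), passphrase)
            .loadTrustMaterial(loadTrustAnchors(caPemPath), null) // null strategy: normal chain validation
            .build();
        // No setSSLHostnameVerifier call, so the default hostname verifier stays active.
        return HttpClients.custom().setSSLContext(sslContext).build();
    }
}
```

With the default verifier in place, the server certificate has to carry a name that matches the host used in the URL, so a certificate that fails that check is better reissued than bypassed with `NoopHostnameVerifier`.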
