Just one question: where did you get the certificate? I mean the .cer or .pfx.
From this link, which is my service:
https://200.214.130.41:9443/farmaciahomologa/services/ServicoSolicitacaoWS?wsdl
[quote=roodrigo.p]From this link, which is my service:
https://200.214.130.41:9443/farmaciahomologa/services/ServicoSolicitacaoWS?wsdl[/quote]
In the browser you export it to .pfx; don't forget to check the option to export the entire key chain.
So I imported it as pfx.
When calling it, I put this:
[code]new Certificado().configurarSSL(
        "DTR2015.SAUDE.GOV.BR.PFX",
        "jssecacerts");[/code]
and in configurarSSL I put this line:
[code]System.setProperty("javax.net.ssl.keyStoreType", "PKCS12");[/code]
and it gave the following error:
Caused by: java.io.IOException: toDerInputStream rejects tag type 45
at sun.security.util.DerValue.toDerInputStream(Unknown Source)
at com.sun.net.ssl.internal.pkcs12.PKCS12KeyStore.engineLoad(Unknown Source)
at java.security.KeyStore.load(Unknown Source)
at com.sun.net.ssl.internal.ssl.DefaultSSLContextImpl.getDefaultKeyManager(Unknown Source)
at com.sun.net.ssl.internal.ssl.DefaultSSLContextImpl.<init>(Unknown Source)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
at java.lang.reflect.Constructor.newInstance(Unknown Source)
at java.lang.Class.newInstance0(Unknown Source)
at java.lang.Class.newInstance(Unknown Source)
... 22 more
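Tag type 45 in the trace above is the byte 0x2D, the ASCII '-' that opens a PEM text file ("-----BEGIN ..."), whereas a PKCS#12 (.pfx) container is binary DER and starts with 0x30. The check below is an added example, not code from the thread; the class name KeyStoreSniffer and the sample bytes are constructed for illustration.

```java
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;

/** Added example: classify a key store file by its leading bytes before loading it. */
public class KeyStoreSniffer {

    /** Returns a short description of the container format suggested by the first bytes. */
    static String classify(byte[] head) {
        if (head.length >= 4 && (head[0] & 0xff) == 0xFE && (head[1] & 0xff) == 0xED
                && (head[2] & 0xff) == 0xFE && (head[3] & 0xff) == 0xED) {
            return "JKS (magic 0xFEEDFEED): use keyStoreType JKS";
        }
        if (head.length >= 1 && (head[0] & 0xff) == 0x30) {
            // A DER-encoded .cer also starts with 0x30, so this is necessary, not sufficient.
            return "DER SEQUENCE (tag 48): plausible PKCS#12, use keyStoreType PKCS12";
        }
        if (head.length >= 1 && head[0] == '-') {
            return "PEM text (first byte '-' = tag 45): not a PKCS#12 container";
        }
        return "unknown leading byte " + (head.length > 0 ? (head[0] & 0xff) : -1);
    }

    /** Reads up to four bytes from the start of a file. */
    static byte[] head(String path) throws IOException {
        InputStream in = new FileInputStream(path);
        try {
            byte[] buf = new byte[4];
            int n = in.read(buf);
            return Arrays.copyOf(buf, Math.max(n, 0));
        } finally {
            in.close();
        }
    }

    public static void main(String[] args) throws IOException {
        if (args.length == 1) { // path to a real file
            System.out.println(args[0] + ": " + classify(head(args[0])));
            return;
        }
        // Constructed samples, so the example runs without any file.
        byte[] pem = "-----BEGIN CERTIFICATE-----".getBytes(StandardCharsets.US_ASCII);
        byte[] der = {0x30, (byte) 0x82, 0x0A, 0x10};
        byte[] jks = {(byte) 0xFE, (byte) 0xED, (byte) 0xFE, (byte) 0xED};
        System.out.println("pem sample: " + classify(pem));
        System.out.println("der sample: " + classify(der));
        System.out.println("jks sample: " + classify(jks));
    }
}
```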
[quote=roodrigo.p]So I imported it as pfx.
When calling it, I put this:
[code]new Certificado().configurarSSL(
        "DTR2015.SAUDE.GOV.BR.PFX",
        "jssecacerts");[/code]
and in configurarSSL I put this line:
[code]System.setProperty("javax.net.ssl.keyStoreType", "PKCS12");[/code]
and it gave the following error:
Caused by: java.io.IOException: toDerInputStream rejects tag type 45
at sun.security.util.DerValue.toDerInputStream(Unknown Source)
at com.sun.net.ssl.internal.pkcs12.PKCS12KeyStore.engineLoad(Unknown Source)
at java.security.KeyStore.load(Unknown Source)
at com.sun.net.ssl.internal.ssl.DefaultSSLContextImpl.getDefaultKeyManager(Unknown Source)
at com.sun.net.ssl.internal.ssl.DefaultSSLContextImpl.<init>(Unknown Source)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
at java.lang.reflect.Constructor.newInstance(Unknown Source)
at java.lang.Class.newInstance0(Unknown Source)
at java.lang.Class.newInstance(Unknown Source)
... 22 more
[/quote]
Not imported, exported, right?
Export the .cer from your browser to a .pfx; the browser usually puts this file on the desktop. In the properties you need to pass the full path; if you pass only the name, it will assume the file is in the root.
EXPORTED, lol, I'm already going crazy lol
Right, but I exported it directly into the project root
and I already tried putting the path as well…
Since the certificate is a pfx, in the line System.setProperty("javax.net.ssl.keyStoreType", "PKCS12"); do I really put PKCS12???
Man, generate the truststore file (jks) with this: just before generating it, replace the URL there with the one inside the WSDL, because here at the company I can't open the address you gave me; in fact I can't even ping this IP. One detail: when entering the URL you don't need the https:// at the start nor the end part. After generating the file, put it in the app root and set the name there to trust_store.
[code]package br.com.vinicios.nfe2;

import java.io.*;
import java.security.*;
import java.security.cert.*;
import java.util.ArrayList;
import java.util.List;
import javax.net.ssl.*;

/**
 * @author dilnei
 * Class responsible for installing the certificate in the application.
 */
public class InstallCert {

    public static void main(String[] arg) throws Exception {
        List<String> hostList = new ArrayList<String>();
        hostList.add("homologacao.nfe.sefaz.rs.gov.br");
        for (String host : hostList) {
            instala(host);
        }
    }

    public static void instala(String host) throws Exception {
        // Creates the file to which the certificates will be added.
        String trustStoreName = "trust_store";
        File file = new File(trustStoreName);
        if (!file.isFile()) {
            char SEP = File.separatorChar;
            File dir = new File(System.getProperty("java.home") + SEP + "lib" + SEP + "security");
            file = new File(dir, trustStoreName);
            if (!file.isFile()) {
                file = new File(dir, "cacerts");
            }
        }
        System.out.println("*** " + host + " no arquivo " + file.getAbsolutePath() + " ***");

        // The port is fixed here; host must be a bare host name or IP address.
        int port = 443;
        char[] passphrase = "changeit".toCharArray();
        InputStream in = new FileInputStream(file);
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        ks.load(in, passphrase);
        in.close();

        SSLContext context = SSLContext.getInstance("TLS");
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(ks);
        X509TrustManager defaultTrustManager = (X509TrustManager) tmf.getTrustManagers()[0];
        SavingTrustManager tm = new SavingTrustManager(defaultTrustManager);
        context.init(null, new TrustManager[]{tm}, null);
        SSLSocketFactory factory = context.getSocketFactory();

        // Communicates with the server to obtain the certificates.
        SSLSocket socket = (SSLSocket) factory.createSocket(host, port);
        socket.setSoTimeout(10000);
        try {
            socket.startHandshake();
            socket.close();
        } catch (SSLException e) {
            e.printStackTrace(System.out);
        }

        X509Certificate[] chain = tm.chain;
        if (chain == null) {
            System.out.println("*** Could not obtain server certificate chain");
            return;
        }

        // Processes each of the certificates received in the server's chain.
        MessageDigest sha1 = MessageDigest.getInstance("SHA1");
        MessageDigest md5 = MessageDigest.getInstance("MD5");
        for (int i = 0; i < chain.length; i++) {
            X509Certificate cert = chain[i];
            sha1.update(cert.getEncoded());
            md5.update(cert.getEncoded());
        }

        // Stores only the first certificate of the chain (the server's own).
        int k = 0;
        X509Certificate cert = chain[k];
        String alias = host + "-" + (k + 1);
        ks.setCertificateEntry(alias, cert);
        OutputStream out = new FileOutputStream(trustStoreName);
        ks.store(out, passphrase);
        out.close();
        System.out.println("*** Added certificate to keystore '" + trustStoreName + "' using alias '" + alias + "'");
    }

    private static final char[] HEXDIGITS = "0123456789abcdef".toCharArray();

    private static String toHexString(byte[] bytes) {
        StringBuilder sb = new StringBuilder(bytes.length * 3);
        for (int b : bytes) {
            b &= 0xff;
            sb.append(HEXDIGITS[b >> 4]);
            sb.append(HEXDIGITS[b & 15]);
            sb.append(' ');
        }
        return sb.toString();
    }

    // Trust manager that records the chain presented by the server.
    private static class SavingTrustManager implements X509TrustManager {

        private final X509TrustManager tm;
        private X509Certificate[] chain;

        SavingTrustManager(X509TrustManager tm) {
            this.tm = tm;
        }

        @Override
        public X509Certificate[] getAcceptedIssuers() {
            // Delegates instead of throwing, since JRE 7 and later may call this during the handshake.
            return tm.getAcceptedIssuers();
        }

        @Override
        public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
            throw new UnsupportedOperationException();
        }

        @Override
        public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
            this.chain = chain;
            tm.checkServerTrusted(chain, authType);
        }
    }
}[/code]
[quote=roodrigo.p]and I already tried putting the path as well…
Since the certificate is a pfx, in the line System.setProperty("javax.net.ssl.keyStoreType", "PKCS12"); do I really put PKCS12???[/quote]
Yes, that indicates the certificate is of type A1.
Ah man, it's not working
[code]package ServicosWS;

/**
 * http://blogs.sun.com/andreas/resource/InstallCert.java
 * Use:
 * java InstallCert hostname
 * Example:
 * % java InstallCert ecc.fedora.redhat.com
 */
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/**
 * @author dilnei
 * Class responsible for installing the certificate in the application.
 */
public class InstallCert {

    public static void main(String[] arg) throws Exception {
        List<String> hostList = new ArrayList<String>();
        hostList.add("200.214.130.41:9443/farmaciahomologa/services/ServicoSolicitacaoWS");
        for (String host : hostList) {
            instala(host);
        }
    }

    public static void instala(String host) throws Exception {
        // Creates the file to which the certificates will be added.
        String trustStoreName = "trust_store";
        File file = new File(trustStoreName);
        if (!file.isFile()) {
            char SEP = File.separatorChar;
            File dir = new File(System.getProperty("java.home") + SEP + "lib" + SEP + "security");
            file = new File(dir, trustStoreName);
            if (!file.isFile()) {
                file = new File(dir, "cacerts");
            }
        }
        System.out.println("*** " + host + " no arquivo " + file.getAbsolutePath() + " ***");

        int port = 443;
        char[] passphrase = "changeit".toCharArray();
        InputStream in = new FileInputStream(file);
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        ks.load(in, passphrase);
        in.close();

        SSLContext context = SSLContext.getInstance("TLS");
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(ks);
        X509TrustManager defaultTrustManager = (X509TrustManager) tmf.getTrustManagers()[0];
        SavingTrustManager tm = new SavingTrustManager(defaultTrustManager);
        context.init(null, new TrustManager[]{tm}, null);
        SSLSocketFactory factory = context.getSocketFactory();

        // Communicates with the server to obtain the certificates.
        SSLSocket socket = (SSLSocket) factory.createSocket(host, port);
        socket.setSoTimeout(10000);
        try {
            socket.startHandshake();
            socket.close();
        } catch (SSLException e) {
            e.printStackTrace(System.out);
        }

        X509Certificate[] chain = tm.chain;
        if (chain == null) {
            System.out.println("*** Could not obtain server certificate chain");
            return;
        }

        // Processes each of the certificates received in the server's chain.
        MessageDigest sha1 = MessageDigest.getInstance("SHA1");
        MessageDigest md5 = MessageDigest.getInstance("MD5");
        for (int i = 0; i < chain.length; i++) {
            X509Certificate cert = chain[i];
            sha1.update(cert.getEncoded());
            md5.update(cert.getEncoded());
        }

        int k = 0;
        X509Certificate cert = chain[k];
        String alias = host + "-" + (k + 1);
        ks.setCertificateEntry(alias, cert);
        OutputStream out = new FileOutputStream(trustStoreName);
        ks.store(out, passphrase);
        out.close();
        System.out.println("*** Added certificate to keystore '" + trustStoreName + "' using alias '" + alias + "'");
    }

    private static final char[] HEXDIGITS = "0123456789abcdef".toCharArray();

    private static String toHexString(byte[] bytes) {
        StringBuilder sb = new StringBuilder(bytes.length * 3);
        for (int b : bytes) {
            b &= 0xff;
            sb.append(HEXDIGITS[b >> 4]);
            sb.append(HEXDIGITS[b & 15]);
            sb.append(' ');
        }
        return sb.toString();
    }

    private static class SavingTrustManager implements X509TrustManager {

        private final X509TrustManager tm;
        private X509Certificate[] chain;

        SavingTrustManager(X509TrustManager tm) {
            this.tm = tm;
        }

        @Override
        public X509Certificate[] getAcceptedIssuers() {
            // Delegates instead of throwing, since JRE 7 and later may call this during the handshake.
            return tm.getAcceptedIssuers();
        }

        @Override
        public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
            throw new UnsupportedOperationException();
        }

        @Override
        public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
            this.chain = chain;
            tm.checkServerTrusted(chain, authType);
        }
    }
}[/code]
This is already getting really annoying :S
like this:
[code]hostList.add("200.214.130.41:9443");[/code]
*** 200.214.130.41:9443 no arquivo C:\Program Files\Java\jre1.6.0_06\lib\security\cacerts ***
Exception in thread "main" java.net.UnknownHostException: 200.214.130.41:9443
at java.net.PlainSocketImpl.connect(Unknown Source)
at java.net.SocksSocketImpl.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.connect(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.<init>(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl.createSocket(Unknown Source)
at ServicosWS.InstallCert.instala(InstallCert.java:76)
at ServicosWS.InstallCert.main(InstallCert.java:41)
It gives this error
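createSocket(host, port) expects a bare host name or IP address, so a string such as "200.214.130.41:9443" is looked up as a host name and fails with UnknownHostException, while the port stays at the hard-coded 443. The parser below is an added example, not code from the thread; the class name EndpointParser and the default port of 443 are assumptions.

```java
import java.net.InetSocketAddress;
import java.net.URI;
import java.net.URISyntaxException;

/** Added example: turn an endpoint string into the host and port a socket needs. */
public class EndpointParser {

    static final int DEFAULT_TLS_PORT = 443; // assumption: used when no port is given

    /** Accepts a full URL, "host:port/path", "host:port" or a bare host. */
    static InetSocketAddress parse(String endpoint) throws URISyntaxException {
        String s = endpoint.trim();
        if (!s.contains("://")) {
            s = "https://" + s; // give URI a scheme so it can locate the authority part
        }
        URI uri = new URI(s);
        String host = uri.getHost();
        if (host == null) {
            throw new URISyntaxException(endpoint, "no host component");
        }
        int port = uri.getPort() == -1 ? DEFAULT_TLS_PORT : uri.getPort();
        // Unresolved: no DNS lookup happens here, so the example runs offline.
        return InetSocketAddress.createUnresolved(host, port);
    }

    public static void main(String[] args) throws Exception {
        // The three forms that appear in the thread, plus a bare host name.
        String[] samples = {
            "https://200.214.130.41:9443/farmaciahomologa/services/ServicoSolicitacaoWS?wsdl",
            "200.214.130.41:9443/farmaciahomologa/services/ServicoSolicitacaoWS",
            "200.214.130.41:9443",
            "homologacao.nfe.sefaz.rs.gov.br"
        };
        for (String sample : samples) {
            InetSocketAddress a = parse(sample);
            // These are the two values to pass to factory.createSocket(host, port).
            System.out.println(a.getHostName() + " port " + a.getPort() + "  <- " + sample);
        }
    }
}
```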
[quote=roodrigo.p]*** 200.214.130.41:9443 no arquivo C:\Program Files\Java\jre1.6.0_06\lib\security\cacerts ***
Exception in thread "main" java.net.UnknownHostException: 200.214.130.41:9443
at java.net.PlainSocketImpl.connect(Unknown Source)
at java.net.SocksSocketImpl.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.connect(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.<init>(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl.createSocket(Unknown Source)
at ServicosWS.InstallCert.instala(InstallCert.java:76)
at ServicosWS.InstallCert.main(InstallCert.java:41)
It gives this error
[/quote]
Ping this IP and see if it responds, because from here I couldn't; I think this address is even wrong.
It doesn't
Already sent it
Good morning Roodrigo, did you manage to consume it?
Good morning…
Not yet, I'm stuck on that same error…
Do you want me to send my consuming class for you to take a look???
Regards
[quote=roodrigo.p]Good morning…
Not yet, I'm stuck on that same error…
Do you want me to send my consuming class for you to take a look???
Regards[/quote]
Send it to my email.
Already sent it, see you later