英文:
REST assured throws SSLPeerUnverifiedException: peer not authenticated
问题
我有一个暴露API的服务,我想要测试它。
我在本地主机上运行该服务,并且它有一个自签名证书。
我将.p12文件添加到test/resources,并在@BeforeAll中:
RestAssured
.config()
.sslConfig(
new SSLConfig().with().trustStoreType("PKCS12").and().relaxedHTTPSValidation().and()
.trustStore(ResourceUtils.getFile("classpath:cert.p12"), "mypassword"));
还添加了这个:
RestAssured.config().sslConfig(SSLConfig.sslConfig().allowAllHostnames());
尽管如此,我收到了以下错误:
> javax.net.ssl.SSLPeerUnverifiedException: 对等体未经身份验证
为什么?
更新:
在运行时,我可以看到RestAssured.config().getSSLConfig().getTrustStore()为null,但为什么?
更新2: 我不介意REST Assured会信任所有证书(安全性不是问题)。
英文:
I have a service that exposes an API which I'd like to test.
I'm running the service on localhost and it has a self-signed certificate.
I added the .p12 file to test/resources and on @BeforeAll:
RestAssured
.config()
.sslConfig(
new SSLConfig().with().trustStoreType("PKCS12").and().relaxedHTTPSValidation().and()
.trustStore(ResourceUtils.getFile("classpath:cert.p12"), "mypassword"));
Also added this:
RestAssured.config().sslConfig(SSLConfig.sslConfig().allowAllHostnames());
Although, I'm getting the following error:
> javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
Why?
UPDATE:
On runtime I can see that RestAssured.config().getSSLConfig().getTrustStore() is null but how?
UPDATE 2: I don't mind that REST assured will trust all certificates (security isn't an issue)
答案1
得分: 1
已经解决了(在某种程度上),方法是添加relaxedHTTPSValidation(),就像这样:
RestAssured.given().relaxedHTTPSValidation()
缺点:你必须为每个HTTP调用都这样做。
英文:
Solved it (sort of) by adding relaxedHTTPSValidation() like so:
RestAssured.given().relaxedHTTPSValidation()
drawback: you have to do that for every HTTP call.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论