如何从HTTPS请求中获取证书?

huangapple go评论102阅读模式
英文:

How can I get Certificate from HTTPS request?

问题

我正在使用Google助手/Dialogflow。我想要检查所有传入的请求。我需要获取并验证一个证书。我尝试从HttpRequestServlet的头部或参数中获取证书,但是没有获得任何内容。我该如何做?

英文:

I am working with Google Assistant / Dialogflow. I want to check all incoming requests. I need to get and verify a certificate.
I try to get a certificate from a header or param from HttpRequestServlet but nothing to get.
How can I do this?

答案1

得分: 1

我假设您想要在您的Java Webhook服务器中验证传入的Dialogflow请求。

请查看这个链接。您应该使用双向TLS身份验证:

要求双向TLS:

  • 配置您的Webhook HTTPS服务器,在TLS握手期间请求客户端证书。
  • 在收到客户端证书时,您的Webhook服务器应该进行验证。
  • 为您的Webhook服务器安装证书链,该链可由客户端和服务器都信任。您应该使用Google Trust Services CA 1O1(GTS CA 1O1)。GTS CA 1O1使用GlobalSign R2根证书(GS Root R2),由Google Trust Services拥有和控制。您可以从以下链接下载:https://pki.goog/repository/

文档还提供了关于如何在Node.js服务器上执行此操作的演示。在Java中,这取决于您使用的内容,但过程是相同的。因此,请查看关于在Java服务器上设置双向TLS的这些链接,您可以使用Node.js服务器演示作为参考。

英文:

I'm assuming that you want to validate incoming Dialogflow requests in your Java webhook server.

Take a look at this. You should use Mutual TLS authentication:

To request mTLS:

  • Prepare your webhook HTTPS server to request the client certificate during the TLS handshake.
  • Your webhook server should verify the client certificate upon receiving it.
  • Install a certificate chain for your webhook server, which can be mutually trusted by both client and server. You should use Google Trust Services CA 1O1 (GTS CA 1O1). GTS CA 1O1 uses the GlobalSign R2 root (GS Root R2), which is owned and controlled by Google Trust Services. You can download it from: https://pki.goog/repository/

The documentation also provides a demo about how to do this on NodeJS server. In Java, it depends on what you're using but the process is the same. So take a look a these links about setting up mTLS on Java servers and you can use the NodeJS server demo as reference.

huangapple
  • 本文由 发表于 2020年10月26日 20:05:38
  • 转载请务必保留本文链接:https://go.coder-hub.com/64536812.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定