记录一次Java中使用P12证书访问https，nginx返回403的问题

1、先使用浏览器导入证书访问，测试证书和密钥是否正确

在这里插入图片描述
成功返回，说明p12证书和密钥是没问题的。

2、编写初始java代码

import javax.net.ssl.*;
import java.io.BufferedReader;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.URL;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;public class P12CertificateExample {public static void main(String[] args) throws Exception {// 加载P12证书文件String p12File = "E:\\xxxxxx.p12";String password = "xxxxxx";KeyStore keyStore = KeyStore.getInstance("PKCS12");InputStream inputStream = Files.newInputStream(Paths.get(p12File));keyStore.load(inputStream, password.toCharArray());// 创建KeyManagerFactory，并初始化KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());keyManagerFactory.init(keyStore, password.toCharArray());// 创建信任管理器TrustManager[] trustManagers = { new X509TrustManager() {@Overridepublic void checkClientTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {}@Overridepublic void checkServerTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {}@Overridepublic X509Certificate[] getAcceptedIssuers() {return new X509Certificate[0];}} };// 创建SSL上下文并初始化SSLContext sslContext = SSLContext.getInstance("TLS");sslContext.init(keyManagerFactory.getKeyManagers(), trustManagers, new SecureRandom());// 设置默认的SSL上下文SSLContext.setDefault(sslContext);// 创建URL对象String url = "https://api.xxxx.com/xxx/xxx/xxx";HttpsURLConnection connection = (HttpsURLConnection) new URL(url).openConnection();HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory());HttpsURLConnection.setDefaultHostnameVerifier((hostname, session) -> true);// 发送请求connection.setRequestMethod("GET");connection.connect();// 获取响应int responseCode = connection.getResponseCode();InputStream responseStream;if (responseCode == HttpsURLConnection.HTTP_OK) {responseStream = connection.getInputStream();} else {responseStream = connection.getErrorStream();}// 处理响应数据// ...// 读取响应数据BufferedReader reader = new BufferedReader(new InputStreamReader(responseStream));StringBuilder response = new StringBuilder();String line;while ((line = reader.readLine()) != null) {response.append(line);}// 打印响应结果System.out.println("Response: " + response.toString());// 关闭连接和流responseStream.close();connection.disconnect();}
}

3、结果响应 403 Forbidden

在这里插入图片描述

Response: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center><hr><center>nginx</center></body></html>

4、解决方案

后经过漫长的排查…对代码添加请求头，如下：

connection.setRequestProperty("User-Agent","Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36");

java代码就能正常返回了。

本文来自互联网用户投稿，该文观点仅代表作者本人，不代表本站立场。本站仅提供信息存储空间服务，不拥有所有权，不承担相关法律责任。如若转载，请注明出处：http://www.mzph.cn/news/812135.shtml

如若内容造成侵权/违法违规/事实不符，请联系多彩编程网进行投诉反馈email:809451989@qq.com，一经查实，立即删除！