Skip to content

Instantly share code, notes, and snippets.

@ThomasG77

ThomasG77/App.java

Created February 10, 2023 14:11
Show Gist options
  • Save ThomasG77/b0b263d02d0ff8cd0e170789a614a0ce to your computer and use it in GitHub Desktop.
Save ThomasG77/b0b263d02d0ff8cd0e170789a614a0ce to your computer and use it in GitHub Desktop.
Download ZIP
Java certificate issues recipe + basic java demo
Raw
App.java
package com.demo.HttpClientDemo;
// Package Jar issue de https://github.com/stleary/JSON-java
import org.json.JSONArray;
import org.json.JSONObject;
import java.net.URI;
import java.net.http.HttpClient; // < New in Java 11, can also handle HTTP/2 requests!
import java.net.http.HttpRequest;
import java.net.http.HttpResponse;
/**
* Hello API data.gouv!
*
*/
public class App
{
public static void main( String[] args )
{
String url = "https://www.data.gouv.fr/api/1/datasets/5b7ffc618b4c4169d30727e0/";
HttpClient client = HttpClient.newHttpClient();
HttpRequest request = HttpRequest.newBuilder()
.uri(URI.create(url))
.build();
try {
client.sendAsync(request, HttpResponse.BodyHandlers.ofString())
.thenApply(HttpResponse::body)
.thenApply(App::parse)
.join();
} catch(Exception e) {
System.out.println("ERROR!");
System.out.println(e);
}
}
public static String parse(String responseBody) {
JSONObject datasets = new JSONObject(responseBody);
try {
JSONArray resources = (JSONArray) datasets.get("resources");
for (int i = 0; i < resources.length(); i++) {
JSONObject resource = (JSONObject) resources.get(i);
String url = resource.getString("url");
System.out.println(url);
}
} catch(Exception e){
System.out.println(e);
}
return null;
}
}
Raw
fix-pkix-java-data-gouv.md

Erreur de type "PKIX path building failed"

Fix. Testé avec un JDK 19. Recette prise de https://github.com/escline/InstallCert.git

git clone https://github.com/escline/InstallCert.git
cd InstallCert
/usr/lib/jvm/jdk-19-0-2-amd64/bin/java --source 19 InstallCert.java www.data.gouv.fr:443

Sortie

...
...
...
Enter certificate to add to trusted keystore or 'q' to quit: [1]

Tapez 1 pour ajoutez le certificat

Sortie du type

01D0: 48 19 27 ED 8A EC F6 3E   F9 4D DB 49 96 A7 30 38  H.'....>.M.I..08
01E0: CB BF 5B 76 87 00 D3 7C   C9 68 E9 66 B5 B6 5E C6  ..[v.....h.f..^.
01F0: 57 57 BB 75 AE B9 5F D5   A9 74 18 3E 6F E8 3E 56  WW.u.._..t.>o.>V

]

Added certificate to keystore 'jssecacerts' using alias 'www.data.gouv.fr-1'

// Commande pour extraire le certificat du keystore jssecacerts créé
keytool -exportcert -alias www.data.gouv.fr-1 -keystore jssecacerts -storepass changeit -file www.data.gouv.fr.cer

Normalement, [path to system cacerts] = $JAVA_HOME/lib/security/cacerts Dans notre cas, plusieurs versions de Java. Celle utilisée n'est pas celle par défaut, on utilise plutôt /usr/lib/jvm/jdk-19-0-2-amd64/lib/security/cacerts

//Import du certificat dans le keystore du système
keytool -importcert -alias www.data.gouv.fr -keystore /usr/lib/jvm/jdk-19-0-2-amd64/lib/security/cacerts -storepass changeit -file www.data.gouv.fr.cer
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment