I'm trying to consume an API, but I need to upload a certificate to consume it.
This is what I've been trying to consume the API. In this method I open the connection for the consumption of the API:
public static String consumeAPI() {
String respAPI = "";
String param = "some_param";
String user = "user";
String pswrd = "pass";
try {
SSLSocketFactory ssl = createSSLSocketFactory("path_of_cert");
URL url = new URL("https://api-dir.com.es:8080/api");
HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
conn.setSSLSocketFactory(ssl);
conn.setDoOutput(true);
conn.setRequestMethod("POST");
conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
conn.setRequestProperty("Authorization", "Basic " + Base64.getEncoder().encodeToString((user + ":" + pswrd).getBytes(StandardCharsets.UTF_8)));
conn.setConnectTimeout(APIUtils.TIMEOUT);
try (OutputStream os = conn.getOutputStream()) {
os.write(parametros.getBytes(StandardCharsets.UTF_8));
os.flush();
if (conn.getResponseCode() == HttpURLConnection.HTTP_OK) {
try (BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream(), StandardCharsets.UTF_8))) {
StringBuilder result = new StringBuilder();
String auxStr;
while ((auxStr = br.readLine()) != null) {
result.append(auxStr);
}
respAPI = result.toString();
}
}
}
return respAPI;
}
catch(IOException | ClassCastException | IllegalStateException | IllegalArgumentException e) {
e.printStackTrace();
return null;
}
}
And this is the method that generates the SSLSocketFactory
with the certificate loaded:
private static SSLSocketFactory createSSLSocketFactory(String certPath) {
try {
try (InputStream in =APIUtils.class.getResourceAsStream(certPath)) {
Certificate certificate = CertificateFactory.getInstance("X.509").generateCertificate( in );
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(null);
keyStore.setCertificateEntry("certalias", certificate);
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(keyStore);
SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
sslContext.init(null, trustManagerFactory.getTrustManagers(), null);
return sslContext.getSocketFactory();
}
}
catch(CertificateException | KeyStoreException | NoSuchAlgorithmException | IOException | KeyManagementException e) {
e.printStackTrace();
return null;
}
}
But it is throwing java.net.UnknownHostException
, here is the error trace:
java.net.UnknownHostException: api-dir.com.es
at java.base/sun.nio.ch.NioSocketImpl.connect(NioSocketImpl.java:567)
at java.base/java.net.SocksSocketImpl.connect(SocksSocketImpl.java:327)
at java.base/java.net.Socket.connect(Socket.java:633)
at java.base/sun.security.ssl.SSLSocketImpl.connect(SSLSocketImpl.java:304)
at java.base/sun.net.NetworkClient.doConnect(NetworkClient.java:178)
at java.base/sun.net.www.http.HttpClient.openServer(HttpClient.java:532)
at java.base/sun.net.www.http.HttpClient.openServer(HttpClient.java:637)
at java.base/sun.net.www.protocol.https.HttpsClient.<init>(HttpsClient.java:266)
at java.base/sun.net.www.protocol.https.HttpsClient.New(HttpsClient.java:380)
at java.base/sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getNewHttpClient(AbstractDelegateHttpsURLConnection.java:193)
at java.base/sun.net.www.protocol.http.HttpURLConnection.plainConnect0(HttpURLConnection.java:1242)
at java.base/sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:1128)
at java.base/sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:179)
at java.base/sun.net.www.protocol.http.HttpURLConnection.getOutputStream0(HttpURLConnection.java:1430)
at java.base/sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1401)
at java.base/sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:220)
at deployment.regional.war//com.ekt.regional.web.api.SomeAPI.consumeAPI(SomeAPI.java:49)
I made sure that the API url is correct and that we have the permissions to access it.
It is worth mentioning that the certificate is a .crt
file and is for the development environment.
This is DNS resolution error
Does the API call requires proxy ? you may have to add http proxy in your call .
depending on the os you can run on windows
ping api-dir.com.es
or tracert api-dir.com.es
or linux
traceroute api-dir.com.es
to see if you have connectivity to this service/api
or try to provide direct IP of api-dir.com.es instead of the name in the URL
or try to create entry of the IP In your host file
linux
/etc/host
windows
c:\Windows\System32\Drivers\etc\hosts
with entry as
api-dir.com.es ip address