I'm trying to consume a public endpoint that is available in both http and SSL, https://jsonplaceholder.typicode.com/posts/1 which returns a very simple json.
I have configured my RestTemplate as follows:
@Configuration
public class RestTemplateConfig {
@Value("${https.remote.proxy.host}")
private String PROXY_URI;
@Value("${https.remote.proxy.port}")
private int PROXY_PORT;
@Bean
public RestTemplate restTemplate(RestTemplateBuilder builder) {
SimpleClientHttpRequestFactory requestFactory = new SimpleClientHttpRequestFactory();
Proxy proxy = new Proxy(Proxy.Type.HTTP,
new InetSocketAddress(PROXY_URI, PROXY_PORT));
requestFactory.setProxy(proxy);
return new RestTemplate(requestFactory);
}
}
Also I did the following, I went to https://jsonplaceholder.typicode.com/posts/1 in chrome to download the certificate, by clicking on the padlock symbol ⟼ valid ⟼ Details ⟼ Copy to file as jsonplaceholder.cer and with the KeyStore Explorer I copied this certificate in the cacerts of JAVA (JAVA_HOME / jre / lib / security).
When I do the following:
@Autowired
RestTemplate restTemplate;
@RequestMapping(value="test", method = RequestMethod.GET)
public Post getPost() {
Post post = restTemplate.getForObject("http://jsonplaceholder.typicode.com/posts/1", Post.class);
return post;
}
I get a successful answer:
{
"userId": "1",
"id": 1,
"title": "sunt aut facere repellat provident occaecati excepturi optio reprehenderit",
"body": "quia et suscipit\nsuscipit recusandae consequuntur expedita et cum\nreprehenderit molestiae ut ut quas totam\nnostrum rerum est autem sunt rem eveniet architecto"
}
But when I do the same thing about https I get the following error:
{
"timestamp": 1520596009201,
"status": 500,
"error": "Internal Server Error",
"exception": "org.springframework.web.client.ResourceAccessException",
"message": "I/O error on GET request for \"https://jsonplaceholder.typicode.com/posts/1\": sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target; nested exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target",
"path": "/api/v1/sepa/test/"
}
That comes from Java:
sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141) ~[na:1.8.0_161]
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126) ~[na:1.8.0_161]
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280) ~[na:1.8.0_161]
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:392) ~[na:1.8.0_161]
What am I forgetting? I do this test with the intention of testing the RestTemplate, but later I'll have to connect to an API from a provider.