Pac4J has issues encrypting with self-signed certificate-Java-php.cn

Table of Contents

Correct answer

Home

Java

Pac4J has issues encrypting with self-signed certificate

王林

Feb 05, 2024 pm 10:18 PM

Question content

I am running spring boot 3.2.1

with an embedded keycloak server

<dependency>
            <groupid>org.pac4j</groupid>
            <artifactid>jakartaee-pac4j</artifactid>
            <version>8.0.0</version>
        </dependency>
        <dependency>
            <groupid>org.pac4j</groupid>
            <artifactid>pac4j-oidc</artifactid>
            <version>6.0.1</version>
        </dependency>

Copy after login

No encryption required, everything works fine, pac4j handles things just fine. When I bring in ssl using the ssl bundle, the web application works fine (https) and interactions with the embedded keycloak server work fine, including the following calls: https://localhost:8888/auth/realms/master/.well-known/openid-configuration When made via a web browser on the same machine. However, while performing the authentication process, pac4j seems to throw the following error:

org.pac4j.core.exception.TechnicalException: Error getting URL resource
    at org.pac4j.core.resource.SpringResourceHelper.getResourceInputStream(SpringResourceHelper.java:74)
    at org.pac4j.oidc.metadata.OidcOpMetadataResolver.retrieveMetadata(OidcOpMetadataResolver.java:89)
    at org.pac4j.oidc.metadata.OidcOpMetadataResolver.internalLoad(OidcOpMetadataResolver.java:76)
    at org.pac4j.core.resource.SpringResourceLoader.load(SpringResourceLoader.java:50)
    at org.pac4j.oidc.config.OidcConfiguration.findPkceMethod(OidcConfiguration.java:285)
    at org.pac4j.oidc.redirect.OidcRedirectionActionBuilder.addStateAndNonceParameters(OidcRedirectionActionBuilder.java:115)
    at org.pac4j.oidc.redirect.OidcRedirectionActionBuilder.getRedirectionAction(OidcRedirectionActionBuilder.java:58)
    at org.pac4j.core.client.IndirectClient.getRedirectionAction(IndirectClient.java:136)
    at org.pac4j.core.engine.DefaultSecurityLogic.redirectToIdentityProvider(DefaultSecurityLogic.java:240)
    at org.pac4j.core.engine.DefaultSecurityLogic.perform(DefaultSecurityLogic.java:160)
    at com.ebremer.server.MyCustomSecurityFilter.internalFilter(MyCustomSecurityFilter.java:79)

Copy after login

I added trustallcertificates and trustallhostnames when the system started, but still had no effect.

Correct answer

You need to create a truststore with a self-signed certificate and assign it to the JVM: https://docs.oracle.com/cd /E29585_01/PlatformServices.61x/security/src/csec_ssl_jsp_start_server.html

The above is the detailed content of Pac4J has issues encrypting with self-signed certificate. For more information, please follow other related articles on the PHP Chinese website!

Statement of this Website

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn