我有一些发出HTTP请求的Python代码:
import requests
response = requests.get(
url,
cert = tuple(clientCertPath, pkeyPath), // paths to crt.pem and pkey.pem
verify = serverCertPath // path to server-ca.crt file
)
我想用KTOR把这个重写给Kotlin.这就是我到目前为止想出的:
val serverCert = serverCertPath.inputStream().use {
CertificateFactory.getInstance("X.509").generateCertificate(it) as X509Certificate
}
val keyStore = KeyStore.getInstance(...).apply {
load(null, null)
setCertificateEntry("serverCert", serverCert)
}
val trustManagerFactory = ... // init with keystore
val sslContext = SSLContext.getInstance("TLS") // and init with above config
val client = HttpClient(Java) {
engine {
config {
sslContext(sslContext)
}
}
}
// So far so good. This server certificate config seems to work and cover the 'verify' parameter. Now for the other cert.
val clientCert = CertificateFactory.getInstance("X.509").let {
clientCertPath.inputStream().use { stream -> it.generateCertificate(stream) as X509Certificate }
}
client.request(url) {
this.method = HttpMethod.Get
// how to supply client cert?
}
现在我被困住了.如何将客户端证书应用于请求?无论是客户端级配置还是请求级配置,我都可以.另外,我还没有用过pkeyPath美元.我在哪里做呢?