You are create awesome info with many tests, Thanks very much for your efforts, Seriously I become subscriber because this video
@rahulrandomlearnings
2 жыл бұрын
Thank you for your feedback :)
@testersumanth4210
2 жыл бұрын
Thank you for making this Video Rahul!!! If you ever start a patron membership I will definitely subscribe to it.
@rahulrandomlearnings
2 жыл бұрын
Thank you for your feedback :)
@mjj3tube
2 жыл бұрын
@@rahulrandomlearnings same here
@shivyadav3294
Жыл бұрын
Hi Rahul, Very well explained but I have a scenario that works in Postman and am trying to automate it using Rest assured. There is Host along with cert and key file which I have converted into PKCS12 format and imported into truststore file. So, I need to send cert file along with Host to get the Token. but am getting forbidden error, can you please help on to resolve this issue.
@kayforkeerthana
2 жыл бұрын
Hello Rahul, I am trying to resolve SSL handshake exception as well. I have received the certificate for resolving this, which is a .der file. Do I need to create both keystore and truststore for this? Can you please guide?
@rahulrandomlearnings
2 жыл бұрын
To resolve ssl handshake exception you will require certificate (.der) and key file, Ask the team that gave you certificate file to provide key file as well. You can then create p12 using certificate and key and then use it as keystore. If you get PKIX Exception as well then you will require a truststore and will have to import root/intermediate cert in it.
@rahulrandomlearnings
2 жыл бұрын
To save time You can verify your files by using postman as well, I created this step by step video for that as well kzitem.info/news/bejne/q6Wtrn6de5dpgKQ
@shivki23
2 жыл бұрын
Hi Rahul, I have added Root & Intermediate cert to truststore & have my client cert in p12 format . I am getting java.security.cert.CertificateParsingException: java.io.IOException: Sequence tag error - Can u please let me know what is the root cause for this ?
@rahulrandomlearnings
2 жыл бұрын
Such errors are sometimes due to bug in java as well, see this link "problem conclusion" section www.ibm.com/support/pages/apar/IJ22037 Try changing JDK and then rerun
@aravindsramesh8467
6 ай бұрын
Hi Rahul, Good explanation.. keep up the good wrok. I have a question here, I have p12 file as well .cer file and I have configured .cer in trustore and p12 as keystore, but yet i am getting unable to find certificate issue..
@rahulrandomlearnings
6 ай бұрын
Thanks for your feedback, Your steps look correct, please check if in the certificate chain any intermediate certs are used then add that as well, also make sure that you are adding to the correct lib/security Sometimes people add cert to jdk but use jre at runtime, sometimes there are multiple jdk or jre and certs are added to one version but a different version is used by code. Also sometimes the keystore type does not match with the JDK version, like JDK8 does not support p12 generated by openssl v2
@satishchhatpar
Жыл бұрын
Thank you great tutorial
@rahulrandomlearnings
Жыл бұрын
Thank you for your feedback :)
@mohammadrasheed8402
Жыл бұрын
I have got .crt and .key file and also need proxy to create rest assured scripts. Can someone confirm what will be the steps for that?
@rahulrandomlearnings
Жыл бұрын
for proxy config please have a look at this answer, hope this should help resolve the issue stackoverflow.com/questions/45180447/rest-assured-proxy-setting-issue-java-net-connectexception-connection-timed-ou
@wasimshariff9509
2 жыл бұрын
👏🏾👏🏾👏🏾
@rahulrandomlearnings
2 жыл бұрын
Thank you :)
@yvesguilhermebbts9541
5 ай бұрын
Hi, how are you? congratulations on the video... I did the same steps as you, but I'm having the problem: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target. I found your channel because I'm having an error in java which is a Mutual Authentication via certificate exchange failing in Java: SSLHandshakeException: Remote host terminated the handshake. Basically java is not sending my .p12 file... I've done everything (this is not a joke) and I can't solve this problem... I even have an issue on stackoverflow... do you think you could help me? cheers!
@rahulrandomlearnings
5 ай бұрын
Sometimes there are multiple certificates in the chain and they all need to be imported, also make sure you test it via postman to make sure that certificate is valid and works
@yvesguilhermebbts9541
5 ай бұрын
@@rahulrandomlearnings hello, thank you for answering... insomnia, postman and node.js works... i've taken the whole chain and imported it... it's very strange... can i share the stackoverflow issue with you?
@rahulrandomlearnings
5 ай бұрын
Yea sure, please share stack overflow link
@yvesguilhermebbts9541
5 ай бұрын
@@rahulrandomlearnings Well, to cut a long story short, we already do this in production, we have a .p12 that is sent in the requests. The server just imported one of our certificates at the time. What's happening now is that someone from my team is responsible for sending the certificate to the people on the api server that we're trying to consume with java, he just dismembered the production .p12 and passed the .crt to them. Do you think this step was wrong? Well, the difference in working in the other tools is disabling the certificate check, but I've already done several things and I'm extremely tired because it's been taking my nights off...
@yvesguilhermebbts9541
5 ай бұрын
well, for some reason youtube is deleting my comments when i share the stackoverflow link... is there another way i can share it with you? i'll add you on linkedin, what do you think?
@nickover1191
2 жыл бұрын
thank you❤
@trad1fy
6 ай бұрын
Great video where can i get the java code i want to experiment with it .
@rahulrandomlearnings
6 ай бұрын
These are just commands, please checkout my other videos which have GitHub code link as well
@mjj3tube
2 жыл бұрын
Hi Rahul, Thank you for the brilliant explanation. I need help with the following scenario, I have to get a JWT from an endpoint which requires a CA cert( in pem format) and one client certificate (which is in pfx format) .This scenario is working fine in postman but could you please advise on how we can do this is rest assured ,should we convert the pfx file into p12? or is there an better approach. Waiting for your response
@mjj3tube
2 жыл бұрын
also our authentication mechanism uses oAuth 2 and I see only certificates in my pem file.
@rahulrandomlearnings
2 жыл бұрын
Please have a look at this video, kzitem.info/news/bejne/sKiQ1naIr3yLhG0 You can import the root cert in cacerts or create your own truststore using keytool -import - file ca.pem -storetype PKCS12 -keystore truststore Pfx format is not an issue it will still use PKCS12 as store type
@rahulrandomlearnings
2 жыл бұрын
This is a good article for oauth2 in rest assured devqa.io/rest-assured-oauth2-workflow-examples/ Have a look and see if this helps
@mjj3tube
2 жыл бұрын
@@rahulrandomlearnings Thanks Rahul so should I import both pem and .pfx file into the truststore?
@mjj3tube
2 жыл бұрын
Just for my understanding the CA ceritifacte is the root one and the .pfx is client one right? sorry I am asking too many questions as I have no idea about SSL
@rachimanwal957
Жыл бұрын
is it same for .pfx file?
@rahulrandomlearnings
Жыл бұрын
Hi, Yes .Pfx and .p12 are both PKCS12 files so it is the same
@inittolearn7616
2 жыл бұрын
Hi Rahul, Awesome video!!! I created a PCKS12 keystore and on running the it I am error: Exception in thread "main" javaioIOException: parseAlgParameters failed: ObjectIdentifier() -- data isn't an object ID (tag = 48) I googled a little and this might be due to I running Java 1.8.0_301. I changed the keystore to JKS and ran it and I am seeing connection timeout error: Exception in thread "main" javanetConnectException: Connection timed out: connect Can you please help me?
@rahulrandomlearnings
2 жыл бұрын
Hi, apologies for delay, somehow your comment was blocked by KZitem for review so I only saw it now, you are correct about using PKCS12 on java 8, The pbes2 cipher that PKCS12 uses is not properly implemented in 8u31. The second one should have worked but connection error means that client cert was not properly imported, I will do a test run on my pc and will let you know
@inittolearn7616
2 жыл бұрын
@@rahulrandomlearnings Thank you Rahul waiting for your findings :)
@rahulrandomlearnings
2 жыл бұрын
Hi, this looks like a issue in code that reads truststores in a few specific oracle jdk versions. These are the steps I followed: I went to oracle site for downloading JDK 8: www.oracle.com/java/technologies/javase/javase8u211-later-archive-downloads.html Then I downloaded these three Oracle jdks: jdk-8u211-windows-x64.exe jdk-8u291-windows-x64.exe jdk-8u301-windows-x64.exe keytool command: keytool -list -ketstore truststore -storetype PKCS12 when running keytool command from jdk-8u211-windows-x64.exe and jdk-8u291-windows-x64.exe on PKCS12 truststore I got this error "data isn't an object ID (tag = 48)". when running keytool command from jdk-8u301-windows-x64.exe on PKCS12 truststore everything worked fine (commandline and code). Then I downloaded JDK from openJDK version : OpenJDK8U-jdk_x64_windows_hotspot_8u332b09.zip when running keytool command from OpenJDK8u332b09 on PKCS12 truststore I got this error "Algorithm HmacPBESHA256 not available". I tried creating a new truststore and importing root and intermediate certs using both the JDK's but Keytool and Restassured kept on giving errors. When going through this exercise I also noticed that these errors were at truststore level and not keystore/client_cert.p12 level. So to verify this analysis I wrote a program using HttpsURLConnection and SSLSocketFactory to ignore SSL validation errors and just inject the client certificate p12 and that code worked every time on all JDK's. So we can conclude that some JDK versions are unable to handle truststore containing root cert, but all of them are able to inject client certificate store correctly. This is the code that I used to verify the same: import org.junit.Test; import javax.net.ssl.HttpsURLConnection; import javax.net.ssl.KeyManagerFactory; import javax.net.ssl.SSLContext; import javax.net.ssl.SSLSocketFactory; import java.io.BufferedReader; import java.io.FileInputStream; import java.io.InputStreamReader; import java.net.URL; import java.security.KeyStore; import static org.junit.Assert.assertEquals; public class KeyStoreVerificationTest { @Test public void should_inject_clientcert_and_return_200_after_ignoring_truststore() throws Exception { KeyStore keyStore = KeyStore.getInstance("pkcs12"); String keyStorePassword = "badssl.com"; keyStore.load(new FileInputStream("badssl.com-client.p12"), keyStorePassword.toCharArray()); KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); kmf.init(keyStore, keyStorePassword.toCharArray()); SSLContext ctx = SSLContext.getInstance("TLS"); ctx.init(kmf.getKeyManagers(), null, null); SSLSocketFactory sslSocketFactory = ctx.getSocketFactory(); URL url = new URL("client.badssl.com/"); HttpsURLConnection connection = (HttpsURLConnection) url.openConnection(); connection.setSSLSocketFactory(sslSocketFactory); BufferedReader br = new BufferedReader(new InputStreamReader((connection.getInputStream()))); StringBuilder sb = new StringBuilder(); String output; while ((output = br.readLine()) != null) { sb.append(output); } assertEquals(200, connection.getResponseCode()); System.out.println(sb); } }
@inittolearn7616
2 жыл бұрын
@@rahulrandomlearnings So the solution would be to upgrade the JDK version?
@rahulrandomlearnings
2 жыл бұрын
Yes upgrading the JDK solves the issue
@AviationIT
Жыл бұрын
Hi Rahul, your videos really easy to understand the complex topic. Can you help on below point: My customer given p12 file to connect to his secure API (means security enabled at his server end) and need to pass digest token while sending json payload in request. Can you suggest me how to implement this? I am getting 500 error while testing through postman API? Any support on this?
@rahulrandomlearnings
Жыл бұрын
Thank you for your feedback :) based on my understanding, digest token concept is basically instead of passing username and password as Base64 encoded (which we do in basic auth.), you pass the values through an algorithm like md5 and then set the result in header. assuming the creator of the API gave you all the required values you can have a look at this StackOverflow entry scroll to the second answer, it has a few screenshots that might help you: stackoverflow.com/questions/9534602/what-is-the-difference-between-digest-and-basic-authentication
@AviationIT
Жыл бұрын
@@rahulrandomlearnings thanks for the reply. Can you share any video with digest token mechanism API handshake?
@AhmedKhaled-he9mf
2 жыл бұрын
Please below command: keytool -list -keystore test.p12 return this error: keytool error: java.io.IOException: Invalid keystore format
@rahulrandomlearnings
2 жыл бұрын
Add -storetype PKCS12
@AhmedKhaled-he9mf
2 жыл бұрын
@@rahulrandomlearnings thanks very much
@AhmedKhaled-he9mf
2 жыл бұрын
@@rahulrandomlearnings Please how to fix this error: Invalidated: [Session-3, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
@rahulrandomlearnings
2 жыл бұрын
Maybe try this solution stackoverflow.com/questions/24812755/ssl-handshake-failure-in-java-test-client-while-connecting-to-server-with-two-wa
@rahulrandomlearnings
2 жыл бұрын
@@AhmedKhaled-he9mf was the issue resolved ?, if it is still an issue then let me know what java version are you using, I will try to reproduce the error on my machine
Пікірлер: 74