Accessing the production environment
| URL de Produção: https://api.delbank.com.br |
|---|
Quando estiver pronto para acessar o ambiente de produção, você pode usar o seguinte como um exemplo do que você precisa para a API de produção. A API de produção requer que o certificado mTLS, a chave privada e a chave da API sejam configuradas corretamente. Você pode usar o exemplo e alterar conforme necessário, dependendo do tipo de métodos de solicitação HTTP e do endpoint que você está tentando alcançar
| key | Descrição |
|---|---|
| Certificado mTLS | O certificado mTLS que nossa equipe enviou (arquivo .pem) |
| Chave privada | A chave privada que foi gerada junto com o csr |
| Chave API | A chave API que nossa equipe enviou |
- JavaScript
- Java
- C#
- Python
- php
const fs = require('fs');
const https = require('https');
const path = require('path');
const certPath = path.resolve(__dirname, 'mtls/my_cretificate.crt');
const keyPath = path.resolve(__dirname, 'mtls/my_private_key.key');
let httpsAgent = null;
if (fs.existsSync(certPath) && fs.existsSync(keyPath)) {
httpsAgent = new https.Agent({
cert: fs.readFileSync(certPath), //Here you put your certificate (.pem)
key: fs.readFileSync(keyPath), //Here you put your private key (.key)
});
}
headers = {
'x-delbank-api-key': process.env.API_KEY,
};
const apiResponse = await axios({
method: // 'GET', 'POST', 'PUT', 'DELETE'
url: //api.delbank.com.br/...,
headers: headers,
httpsAgent: httpsAgent,
});
import okhttp3.*;
import javax.net.ssl.*;
import java.io.File;
import java.io.FileInputStream;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Objects;
public class HttpsClient {
public static void main(String[] args) throws Exception {
String certPath = Paths.get("mtls", "my_certificate.crt").toAbsolutePath().toString();
String keyPath = Paths.get("mtls", "my_private_key.key").toAbsolutePath().toString();
String apiKey = System.getenv("my_API_KEY");
OkHttpClient httpsClient = createHttpsClient(certPath, keyPath);
Headers headers = new Headers.Builder()
.add("x-delbank-api-key", Objects.requireNonNull(apiKey, "my_API_KEY is not set"))
.build();
// Make the request
Request request = new Request.Builder()
.url("https://api.delbank.com.br/...")
.headers(headers)
.build();
try (Response response = httpsClient.newCall(request).execute()) {
if (!response.isSuccessful()) {
throw new RuntimeException("Request failed: " + response);
}
System.out.println(response.body().string());
}
}
private static OkHttpClient createHttpsClient(String certPath, String keyPath) throws Exception {
File certFile = new File(certPath);
File keyFile = new File(keyPath);
if (certFile.exists() && keyFile.exists()) {
// Load Certificate
CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
try (FileInputStream certInputStream = new FileInputStream(certFile)) {
X509Certificate certificate = (X509Certificate) certFactory.generateCertificate(certInputStream);
// Load KeyStore
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(null, null); // Initialize an empty KeyStore
keyStore.setCertificateEntry("certificate", certificate);
// Create TrustManager
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(
TrustManagerFactory.getDefaultAlgorithm()
);
trustManagerFactory.init(keyStore);
// Create SSLContext
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, trustManagerFactory.getTrustManagers(), null);
return new OkHttpClient.Builder()
.sslSocketFactory(sslContext.getSocketFactory(), (X509TrustManager) trustManagerFactory.getTrustManagers()[0])
.build();
}
}
return new OkHttpClient();
}
}
using System;
using System.IO;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Security.Cryptography.X509Certificates;
using System.Threading.Tasks;
class Program
{
static async Task Main(string[] args)
{
string certPath = Path.Combine(AppDomain.CurrentDomain.BaseDirectory, "mtls", "my_certificate.crt");
string keyPath = Path.Combine(AppDomain.CurrentDomain.BaseDirectory, "mtls", "my_private_key.key");
string apiKey = Environment.GetEnvironmentVariable("my_API_KEY");
if (string.IsNullOrEmpty(apiKey))
{
throw new InvalidOperationException("my_API_KEY environment variable is not set.");
}
HttpClient httpClient = CreateHttpClient(certPath, keyPath);
// Prepare request
HttpRequestMessage request = new HttpRequestMessage
{
Method = HttpMethod.Get, // Use HttpMethod.Post, Put, Delete, etc. as needed
RequestUri = new Uri("https://api.delbank.com.br/..."), // Replace with your API URL
};
// Add headers
request.Headers.Add("x-delbank-api-key", apiKey);
// Send request and handle response
HttpResponseMessage response = await httpClient.SendAsync(request);
response.EnsureSuccessStatusCode();
string responseBody = await response.Content.ReadAsStringAsync();
Console.WriteLine(responseBody);
}
private static HttpClient CreateHttpClient(string certPath, string keyPath)
{
// Check if certificate and key files exist
if (File.Exists(certPath) && File.Exists(keyPath))
{
// Load certificate
X509Certificate2 clientCertificate = new X509Certificate2(certPath);
// Configure handler
var handler = new HttpClientHandler
{
ClientCertificates = { clientCertificate },
SslProtocols = System.Security.Authentication.SslProtocols.Tls12
};
return new HttpClient(handler);
}
return new HttpClient();
}
}
import os
import requests
from pathlib import Path
def main():
# Resolve certificate and key paths
base_dir = Path(__file__).resolve().parent
cert_path = base_dir / "mtls/my_certificate.crt"
key_path = base_dir / "mtls/my_private_key.key"
# Check if the certificate and key files exist
if cert_path.exists() and key_path.exists():
# Create HTTPS session with certificate and key
session = requests.Session()
session.cert = (str(cert_path), str(key_path))
else:
session = requests.Session()
# Set headers
headers = {
"x-delbankapi-key": os.getenv("my_API_KEY")
}
# Make the request
try:
response = session.get("https://api.delbank.com.br/...", headers=headers) # Change HTTP method and URL as needed
response.raise_for_status() # Raise exception for HTTP errors
print(response.text)
except requests.exceptions.RequestException as e:
print(f"An error occurred: {e}")
<?php
function main() {
// Define paths for certificate and key
$certPath = __DIR__ . '/mtls/my_certificate.crt';
$keyPath = __DIR__ . '/mtls/my_private_key.key';
// Check if certificate and key files exist
if (file_exists($certPath) && file_exists($keyPath)) {
$curl = curl_init();
// API URL
$url = "https://api.delbank.com.br/..."; // Replace with your API endpoint
// Set cURL options
curl_setopt_array($curl, [
CURLOPT_URL => $url,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_HTTPHEADER => [
"x-delbank-api-key: " . getenv("API_KEY")
],
CURLOPT_SSLCERT => $certPath,
CURLOPT_SSLKEY => $keyPath,
CURLOPT_SSL_VERIFYHOST => 2,
CURLOPT_SSL_VERIFYPEER => true,
]);
$response = curl_exec($curl);
if (curl_errno($curl)) {
echo "cURL error: " . curl_error($curl);
} else {
$httpStatus = curl_getinfo($curl, CURLINFO_HTTP_CODE);
if ($httpStatus >= 200 && $httpStatus < 300) {
echo $response;
} else {
echo "HTTP error: " . $httpStatus . " - " . $response;
}
}
curl_close($curl);
} else {
echo "Certificate or key file not found.";
}
}
main();
Acessando o ambiente de produção via Postman
No Postman é possível adicionar e gerenciar certificados para habilitar autenticação ao enviar requisições. Para fazer isso, primeiro, vá em Configurações.
Em seguida, vá em Certificates e clique em Adicionar Certificate.
Agora adicione a URL do host, para que cada solicitação dessa URL use esses certificados. No arquivo CRT, coloque o mTLS (arquivo .pem) e no arquivo KEY, coloque a chave privada que foi gerada junto com o CSR.
E finalmente, em x-delbank-api-key, coloque sua chave de API no cabeçalho.
Pronto, agora você pode acessar a API de produção!