首页 文章

带有SSL身份验证的Java SOAP客户端:证书错误

提问于
浏览
1

我正在编写一个Java SOAP客户端,通过HTTPS和SSL身份验证连接到SOAP Web服务 . 我有一个keyStore和一个trustStore来进行SSL身份验证 . 我使用javax来实现客户端 .

我使用以下方法设置证书(keyStore,trustStore):

System.setProperty("javax.net.ssl.keyStore",configuration.getProperty("***"));
System.setProperty("javax.net.ssl.keyStorePassword", configuration.getProperty("***"));
System.setProperty("javax.net.ssl.keyStoreType", configuration.getProperty("***"));     
System.setProperty("javax.net.ssl.trustStore",configuration.getProperty("***"));
System.setProperty("javax.net.ssl.trustStorePassword", configuration.getProperty("***"));
System.setProperty("javax.net.ssl.trustStoreType", configuration.getProperty("***"));

制作SOAP连接的代码:

HttpsURLConnection httpsConnection = null;              
SSLContext sslContext = SSLContext.getInstance("SSL");
TrustManager[] trustAll = new TrustManager[] {new TrustAllCertificates()};
sslContext.init(null, trustAll, new java.security.SecureRandom());

// Set trust all certificates context to HttpsURLConnection
HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory());

// Open HTTPS connection
URL urlUrl = new URL(url);
httpsConnection = (HttpsURLConnection) urlUrl.openConnection();

// Trust all hosts
httpsConnection.setHostnameVerifier(new TrustAllHosts());

// Connect
httpsConnection.connect();

SOAPMessage soapResponse = soapConnection.call(createSOAPRequest(request), url);
soapConnection.close();
httpsConnection.disconnect();

当我尝试连接时,我有以下错误:

javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
    at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
    at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)
    at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1979)
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1086)
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343)
    at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)
    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:153)

我已经使用curl connexion测试了证书(和密码)并且它有效 . 问题不是来自keyStore和trustStore .

我认为我的应用程序(javax?)在连接期间不使用证书 . 任何的想法 ?

1 回答

  • 0

    看起来你做了双重工作,最后忽略了你的系统属性 . 为Trust / Key存储设置系统属性时 - 您不需要使用所有SSLContext,TrustManager,HostVerifier的东西 . 像简单的HTTP一样做,不关心 .

    URL urlUrl = new URL(url);
    // all of those connections work since they are interfaces. Implementation is HTTPS of course
    HttpsURLConnection httpsConnection = (HttpsURLConnection) urlUrl.openConnection();
    
    HttpURLConnection httpConnection = (HttpURLConnection) urlUrl.openConnection();
    
    URLConnection urlConnection = urlUrl.openConnection();
    

相关问题