
Java notnoop, APNS No trusted certificate found from inside tomcat

We have implemented APNS connectivity using notnoop. We have been testing it for the last 5 months on the development and UAT environments and other environments. Things were working as expected, but post deployment to the production environment we are having a tough time getting it to work. GCM is working fine; it is only APNS where we have a tough time.

Initially there was a connectivity issue from the firewall, which we have got opened to connect to gateway.push.apple.com on 2195, as earlier the system was throwing connection timeout.

Now the system is throwing No Trusted Certificate found. I have described below the detailed steps we have already taken to debug this.

Please note this is happening only when I deploy it on production, and that too only when it is run inside Tomcat 8.0. We did a small POC to test if it can work outside Tomcat, and it is working properly using the same certificate from the same absolute path.

  • We did try after changing the implementation to use the absolute path of the certificate, as shown below

    APNS.newService().withCert(PRODcertificatePath, PRODcertificatePassword)

The program is configured to use .withProductionDestination() if it is using the production certificate and vice versa, so this issue is also taken care of.

  • Then we also tried using ClassLoader

    InputStream iss = ClassLoader.getSystemResourceAsStream("Axis-APNS.p12")

Yes, we do have a JKS file on production whose details are configured in server.xml, something like below

<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" sslProtocol="TLS" keystoreFile="/root/cert" 

Now we are out of ideas to debug and find the root cause. Any suggestion or question is most welcome.

As a matter of workaround, I have redesigned my system. Instead of running from inside Tomcat, I have made it a standalone application using a Quartz batch job, and the system is running properly. Once I get time to find out why Tomcat is not able to pick the correct certificate, I will update you guys on it. Thank you very much for your time... email me if you need any more help on the above matter.
Thanks,
Amarjeet
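
A diagnostic for the Tomcat-versus-standalone difference described above, as an added example that is not part of the original post: "No trusted certificate found" is raised while the server's certificate chain is validated against the JVM's trust anchors, so this reports the trust-store settings and anchors the running JVM uses. The class name `TrustStoreReport` is hypothetical, and that the two JVMs differ in their trust store is an assumption the post does not confirm.

```java
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

// Added diagnostic (hypothetical class name). Run it once as a standalone
// program and once inside Tomcat (call report() from a servlet or listener),
// then compare the two outputs.
public class TrustStoreReport {

    // Trust anchors the JVM gives to TLS clients that supply no trust store of their own.
    static X509Certificate[] defaultTrustAnchors() throws Exception {
        TrustManagerFactory tmf =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init((KeyStore) null); // null selects the JVM default trust store
        for (TrustManager tm : tmf.getTrustManagers()) {
            if (tm instanceof X509TrustManager) {
                return ((X509TrustManager) tm).getAcceptedIssuers();
            }
        }
        return new X509Certificate[0];
    }

    // Builds a text report; store passwords are deliberately never read or printed.
    static String report() throws Exception {
        String[] props = {
            "java.home",
            "javax.net.ssl.trustStore",
            "javax.net.ssl.trustStoreType",
            "javax.net.ssl.keyStore"
        };
        StringBuilder out = new StringBuilder();
        for (String p : props) {
            out.append(p).append(" = ")
               .append(System.getProperty(p, "<not set>")).append('\n');
        }
        X509Certificate[] anchors = defaultTrustAnchors();
        out.append("trust anchors: ").append(anchors.length).append('\n');
        for (X509Certificate c : anchors) {
            out.append("  ").append(c.getSubjectX500Principal().getName()).append('\n');
        }
        return out.toString();
    }

    public static void main(String[] args) throws Exception {
        System.out.print(report());
    }
}
```

A `javax.net.ssl.trustStore` value that appears only under Tomcat, or a much shorter anchor list there, points at the JVM options Tomcat is started with rather than at the `.p12` file.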
