带有SSL身份验证的Java SOAP客户端:错误证书
[英]Java SOAP Client with SSL authentication : bad certificate
问题描述
I'm writing a Java SOAP client to connect through HTTPS with SSL authentication to a SOAP webservice. 
我正在编写一个Java SOAP客户端,通过HTTPS和SSL身份验证连接到SOAP Web服务。 I have a keyStore and a trustStore to make the SSL authentication. 我有一个keyStore和一个trustStore来进行SSL身份验证。 I use javax to implement the client. 我使用javax来实现客户端。
I set the certificates (keyStore, trustStore) with the following method : 我使用以下方法设置证书(keyStore,trustStore):
System.setProperty("javax.net.ssl.keyStore",configuration.getProperty("***"));
System.setProperty("javax.net.ssl.keyStorePassword", configuration.getProperty("***"));
System.setProperty("javax.net.ssl.keyStoreType", configuration.getProperty("***"));
System.setProperty("javax.net.ssl.trustStore",configuration.getProperty("***"));
System.setProperty("javax.net.ssl.trustStorePassword", configuration.getProperty("***"));
System.setProperty("javax.net.ssl.trustStoreType", configuration.getProperty("***"));
The code to make the SOAP connexion : 制作SOAP连接的代码:
HttpsURLConnection httpsConnection = null;
SSLContext sslContext = SSLContext.getInstance("SSL");
TrustManager[] trustAll = new TrustManager[] {new TrustAllCertificates()};
sslContext.init(null, trustAll, new java.security.SecureRandom());
// Set trust all certificates context to HttpsURLConnection
HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory());
// Open HTTPS connection
URL urlUrl = new URL(url);
httpsConnection = (HttpsURLConnection) urlUrl.openConnection();
// Trust all hosts
httpsConnection.setHostnameVerifier(new TrustAllHosts());
// Connect
httpsConnection.connect();
SOAPMessage soapResponse = soapConnection.call(createSOAPRequest(request), url);
soapConnection.close();
httpsConnection.disconnect();
When I try to connect, I have the following error : 当我尝试连接时,我有以下错误:
javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)
at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1979)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1086)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:153)
I have tested the certificates (and password) with a curl connexion and it works. 我已经使用curl connexion测试了证书(和密码)并且它可以工作。 The problem doesn't come from the keyStore and trustStore. 问题不是来自keyStore和trustStore。
I think that my app (javax ?) doesn't use the certificate during the connexion. 我认为我的应用程序(javax?)在连接期间不使用证书。 Any idea ? 任何想法 ?
1 个解决方案
解决方案1
0 2016-12-08 15:02:34
It seems like you do double work and finally ignore your system properties. 看起来你做了双重工作,最后忽略了你的系统属性。 When you setup system properties for Trust/Key stores - you do not need to use all that SSLContext, TrustManager, HostVerifier stuff. 为Trust / Key存储设置系统属性时 - 您不需要使用所有SSLContext,TrustManager,HostVerifier。 do it as with simple HTTP and do not care about. 像简单的HTTP那样做,不关心。
URL urlUrl = new URL(url);
// all of those connections work since they are interfaces. Implementation is HTTPS of course
HttpsURLConnection httpsConnection = (HttpsURLConnection) urlUrl.openConnection();
HttpURLConnection httpConnection = (HttpURLConnection) urlUrl.openConnection();
URLConnection urlConnection = urlUrl.openConnection();
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.