堆栈内存溢出
  简体   繁体   English

Wildfly-允许无需证书即可连接到SSL站点

[英]Wildfly - Allow connections to SSL sites without certs

 原文  2017-03-29 08:32:11       java/ ssl/ wildfly

问题描述

Is there a way for a web application to be configured (through web.xml) to allow connections to SSL sites withour certificates similar to curl 's -k option? 有没有一种方法可以配置Web应用程序(通过web.xml)以允许使用类似于curl-k选项的证书连接到SSL站点?

-k, --insecure Allow connections to SSL sites without certs (H) -k,--insecure允许没有证书(H)的SSL站点连接

eg using curl we can do this: 例如使用curl我们可以做到这一点: 

# curl -vk --data "appip=adsfa123&login=testt@jelastic.com&password=adfas1123" https://app.sample-jelastic-server.com/1.0/users/authentication/cross/signin

My problem is that my web application is not able to access sites with HTTPS from within the container (or from server). 我的问题是我的Web应用程序无法从容器(或服务器)内部使用HTTPS访问网站。

It is throwing this error: 它抛出此错误:

at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) 在io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131)在io.undertow.servlet.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) .ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)

With this, I think if we can configure the web.xml to allow connections to SSL site without certs then that should fix that. 有了这个,我想如果我们可以配置web.xml以允许没有证书的SSL站点连接,那应该可以解决。

1 个解决方案

解决方案1
 1 已采纳  2017-03-30 15:59:10

You need to add the following in the standalone.conf file. 您需要在standalone.conf文件中添加以下内容。

JAVA_OPTS="$JAVA_OPTS -Djavax.net.ssl.trustStore=/<Path>/conf/xyz.keystore -Djavax.net.ssl.trustStorePassword=password"

In the xyz.keystore , add the certificates of the application you are trying to invoke. xyz.keystore ,添加您尝试调用的应用程序的证书。 The system keystore is automatically added by the wildfly. 系统密钥库由Wildfly自动添加。

You can debug the ssl request and response you can add another configuration to the wildfly start up -Djavax.net.debug=all more on it here 您可以调试ssl请求和响应,也可以将其他配置添加到wildfly启动-Djavax.net.debug=all 此处 -Djavax.net.debug=all其他内容

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 java https://localhost (SSL) - 可能无需在客户端安装证书? - java https://localhost (SSL) - possible without installing certs on client? 我的带有内置ssl证书的库如何允许使用默认证书 - How can my library with built in ssl certificate also allow use with default certs apache httpclient 4.5.1 仅与非 ssl 站点建立 SSL 连接,但失败 - apache httpclient 4.5.1 making only SSL connections to non-ssl sites, and failing 如何配置Wildfly 8.2以禁用ssl连接上的公用名验证(CXF disableCNCheck)? - How to configure Wildfly 8.2 to disable Common Name verification on ssl connections (CXF disableCNCheck)? 在WildFly中转储泄漏连接 - Dump leak connections in WildFly 允许非SSL连接:javax.net.ssl.SSLHandshakeException:握手失败 - Allow non-ssl connections: javax.net.ssl.SSLHandshakeException: Handshake failed 使用HttpUrlConnection建立没有中间证书的SSL连接 - Making SSL connections without intermediate certificates using HttpUrlConnection 在Wildfly 8.2 for Oracle中自动恢复连接,而不使用验证匹配 - Auto recover Connections in Wildfly 8.2 for Oracle without using validate-on-match ibm mq + ssl +自签名证书 - ibm mq + ssl + self signed certs 如何为嵌入式证书指定JVM SSL参数? - How to specify JVM SSL arguments for embedded certs?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM