[英]Wildfly - Allow connections to SSL sites without certs
Is there a way for a web application to be configured (through web.xml) to allow connections to SSL sites withour certificates similar to curl
's -k
option? 有没有一种方法可以配置Web应用程序(通过web.xml)以允许使用类似于
curl
的-k
选项的证书连接到SSL站点?
-k, --insecure Allow connections to SSL sites without certs (H) -k,--insecure允许没有证书(H)的SSL站点连接
eg using curl we can do this: 例如使用curl我们可以做到这一点:
# curl -vk --data "appip=adsfa123&login=testt@jelastic.com&password=adfas1123" https://app.sample-jelastic-server.com/1.0/users/authentication/cross/signin
My problem is that my web application is not able to access sites with HTTPS from within the container (or from server). 我的问题是我的Web应用程序无法从容器(或服务器)内部使用HTTPS访问网站。
It is throwing this error: 它抛出此错误:
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
在io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131)在io.undertow.servlet.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) .ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
With this, I think if we can configure the web.xml to allow connections to SSL site without certs then that should fix that. 有了这个,我想如果我们可以配置web.xml以允许没有证书的SSL站点连接,那应该可以解决。
You need to add the following in the standalone.conf
file. 您需要在
standalone.conf
文件中添加以下内容。
JAVA_OPTS="$JAVA_OPTS -Djavax.net.ssl.trustStore=/<Path>/conf/xyz.keystore -Djavax.net.ssl.trustStorePassword=password"
In the xyz.keystore
, add the certificates of the application you are trying to invoke. 在
xyz.keystore
,添加您尝试调用的应用程序的证书。 The system keystore is automatically added by the wildfly. 系统密钥库由Wildfly自动添加。
You can debug the ssl request and response you can add another configuration to the wildfly start up -Djavax.net.debug=all
more on it here 您可以调试ssl请求和响应,也可以将其他配置添加到wildfly启动
-Djavax.net.debug=all
此处 -Djavax.net.debug=all
其他内容
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.