Spring-WS请求失败,但是soapUI可以工作
[英]Spring-WS request fails but soapUI works
问题描述
I am using spring-ws to call a secure soap web service. 
我正在使用spring-ws调用安全的肥皂网络服务。 I have a client certificate to sign my outgoing requests and also I have a server certificate to validate the server´s response. 我有一个客户证书来签署我的外发请求,也有一个服务器证书来验证服务器的响应。
Here is the console output 这是控制台输出
01:12:24.373 [main] INFO org.springframework.ws.soap.saaj.SaajSoapMessageFactory - Creating SAAJ 1.3 MessageFactory with SOAP 1.1 Protocol
01:12:24.418 [main] DEBUG org.springframework.ws.soap.saaj.SaajSoapMessageFactory - Using MessageFactory class [com.sun.xml.internal.messaging.saaj.soap.ver1_1.SOAPMessageFactory1_1Impl]
01:12:25.378 [main] INFO com.myapp.WsConfig - Loaded keystore: file:/C:/dev/git/myapp/target/classes/cert/client-keystore.p12
01:12:25.455 [main] INFO com.myapp.WsConfig - Loaded trustStore: file:/C:/dev/git/myapp/target/classes/cert/client-truststore.jks
01:12:26.469 [main] DEBUG org.springframework.ws.transport.http.HttpsUrlConnectionMessageSender - Initialized SSL Context with key managers [sun.security.ssl.SunX509KeyManagerImpl@2133814f] trust managers [sun.security.ssl.X509TrustManagerImpl@4c15e7fd] secure random [null]
01:12:26.475 [main] DEBUG org.springframework.ws.client.core.WebServiceTemplate - Opening [org.springframework.ws.transport.http.HttpUrlConnection@38c5cc4c] to [https://integration-env.com/service-gateway.v1]
01:12:26.544 [main] INFO org.springframework.oxm.jaxb.Jaxb2Marshaller - Creating JAXBContext with context path [com.myapp.generated]
01:12:27.530 [main] DEBUG org.springframework.ws.client.MessageTracing.sent - Sent request [SaajSoapMessage {urn:services-types:v1}Request]
01:12:27.973 [main] DEBUG org.springframework.ws.transport.support.TransportUtils - Could not close WebServiceConnection
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1964)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:328)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:322)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1614)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1052)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:987)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1072)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1385)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1413)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1397)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream0(HttpURLConnection.java:1334)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1309)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:259)
at org.springframework.ws.transport.http.HttpUrlConnection.getRequestOutputStream(HttpUrlConnection.java:89)
at org.springframework.ws.transport.AbstractSenderConnection$RequestTransportOutputStream.createOutputStream(AbstractSenderConnection.java:87)
at org.springframework.ws.transport.TransportOutputStream.getOutputStream(TransportOutputStream.java:41)
at org.springframework.ws.transport.TransportOutputStream.close(TransportOutputStream.java:49)
at org.springframework.ws.transport.AbstractWebServiceConnection.close(AbstractWebServiceConnection.java:141)
at org.springframework.ws.transport.support.TransportUtils.closeConnection(TransportUtils.java:45)
at org.springframework.ws.client.core.WebServiceTemplate.sendAndReceive(WebServiceTemplate.java:564)
at org.springframework.ws.client.core.WebServiceTemplate.marshalSendAndReceive(WebServiceTemplate.java:390)
at org.springframework.ws.client.core.WebServiceTemplate.marshalSendAndReceive(WebServiceTemplate.java:383)
at org.springframework.ws.client.core.WebServiceTemplate.marshalSendAndReceive(WebServiceTemplate.java:373)
at com.myapp.SprinClient.getScoring(SprinClient.java:31)
at com.myapp.ClientTest.runService.java:26)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:50)
at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12)
at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:47)
at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17)
at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:325)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:78)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:57)
at org.junit.runners.ParentRunner$3.run(ParentRunner.java:290)
at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:71)
at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:288)
at org.junit.runners.ParentRunner.access$000(ParentRunner.java:58)
at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:268)
at org.junit.runners.ParentRunner.run(ParentRunner.java:363)
at org.junit.runner.JUnitCore.run(JUnitCore.java:137)
at com.intellij.junit4.JUnit4IdeaTestRunner.startRunnerWithArgs(JUnit4IdeaTestRunner.java:68)
at com.intellij.rt.execution.junit.IdeaTestRunner$Repeater.startRunnerWithArgs(IdeaTestRunner.java:47)
at com.intellij.rt.execution.junit.JUnitStarter.prepareStreamsAndStart(JUnitStarter.java:242)
at com.intellij.rt.execution.junit.JUnitStarter.main(JUnitStarter.java:70)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:397)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:302)
at sun.security.validator.Validator.validate(Validator.java:262)
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1596)
... 46 common frames omitted
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:392)
... 52 common frames omitted
And here my config: 这是我的配置:
@Configuration
public class WsConfig {
private static final Logger log = LoggerFactory.getLogger(WsConfig.class);
@Value("${default-uri}")
private String defaultUri;
@Value("${ssl.trust-store}")
private Resource trustStore;
@Value("${ssl.trust-store-password}")
private String trustStorePassword;
@Value("${ssl.key-store}")
private Resource keyStore;
@Value("${ssl.key-store-password}")
private String keyStorePassword;
@Bean
public Jaxb2Marshaller jaxb2Marshaller() {
Jaxb2Marshaller marshaller = new Jaxb2Marshaller();
marshaller.setContextPath("com.myapp.generated");
return marshaller;
}
@Bean
public WebServiceTemplate webServiceTemplate() throws Exception {
WebServiceTemplate webServiceTemplate = new WebServiceTemplate();
webServiceTemplate.setMarshaller(jaxb2Marshaller());
webServiceTemplate.setUnmarshaller(jaxb2Marshaller());
webServiceTemplate.setDefaultUri(defaultUri);
webServiceTemplate.setMessageSender(httpsUrlConnectionMessageSender());
return webServiceTemplate;
}
@Bean
public HttpsUrlConnectionMessageSender httpsUrlConnectionMessageSender() throws Exception {
KeyStore keyStore = KeyStore.getInstance("PKCS12");
keyStore.load(this.keyStore.getInputStream(), keyStorePassword.toCharArray());
log.info("Loaded keystore: {}", this.keyStore.getURI().toString());
this.keyStore.getInputStream().close();
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(keyStore, keyStorePassword.toCharArray());
KeyStore trustStore = KeyStore.getInstance("JKS");
trustStore.load(this.trustStore.getInputStream(), trustStorePassword.toCharArray());
log.info("Loaded trustStore: " + this.trustStore.getURI().toString());
this.trustStore.getInputStream().close();
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(trustStore);
HttpsUrlConnectionMessageSender messageSender = new HttpsUrlConnectionMessageSender();
messageSender.setKeyManagers(keyManagerFactory.getKeyManagers());
messageSender.setTrustManagers(trustManagerFactory.getTrustManagers());
return messageSender;
}
And in My Client class I am using that webServiceTemplate like this: 在“我的客户”类中,我像这样使用该webServiceTemplate:
@Component
public class WsClient {
private static final Logger log = LoggerFactory.getLogger(WsClient.class);
private WebServiceTemplate webServiceTemplate;
@Autowired
public SpringArvatoClient(WebServiceTemplate webServiceTemplate) {
this.webServiceTemplate = webServiceTemplate;
}
public void callService(DataObject data) {
JAXBElement<RequestType> request = createRequestType(data);
ResponseType response = (ResponseType) webServiceTemplate
.marshalSendAndReceive(request);
}
In soapUI I am able to run request and receive a response correctly. 在soapUI中,我可以运行请求并正确接收响应。 I think it might fail because I have not setup the security for spring-ws correctly. 我认为这可能会失败,因为我没有正确设置spring-ws的安全性。 I added keystore and truststore and both *store-passwords. 我添加了密钥库和信任库以及两个* store-passwords。 Further in soapUI I was able to setup the concrete signature algorithm, digest algorithm and signature canonicalization, but I don´t know how to set it up with spring-ws. 此外,在soapUI中,我能够设置具体的签名算法,摘要算法和签名规范化,但是我不知道如何使用spring-ws进行设置。
Here is my soapUI security config: 这是我的soapUI安全配置:
soapUI security config soapUI安全配置
UPDATE (ssl logs): 更新(ssl日志):
see my other response, because stackoverflow limits this body to 30000chars. 请参阅我的其他答复,因为stackoverflow将此主体限制为30000个字符。
2 个解决方案
解决方案1
0 2018-10-19 00:27:09
It is pretty clear from below error line that while checking for keystore file at the mentioned location, it is unable to find it. 从错误行下面可以很清楚地看出,在上述位置检查密钥库文件时,找不到它。 The path is not properly set. 路径设置不正确。
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
The reason it is working on SoapUI as it asks you for a file to load in configuration in SoapUI. 它在SoapUI上起作用的原因是它要求您在SoapUI的配置中加载文件。
Check the physical locations for below resources also if you have properties file, please check if you have the right path in it. 如果有属性文件,请检查以下资源的物理位置,请检查其中是否具有正确的路径。
@Value("${default-uri}")
private String defaultUri;
@Value("${ssl.trust-store}")
private Resource trustStore;
@Value("${ssl.trust-store-password}")
private String trustStorePassword;
@Value("${ssl.key-store}")
private Resource keyStore;
@Value("${ssl.key-store-password}")
private String keyStorePassword;
解决方案2
0 2018-10-20 13:46:42
UPDATE (ssl logs): 更新(ssl日志):
15:06:34.060 [main] INFO org.springframework.ws.soap.saaj.SaajSoapMessageFactory - Creating SAAJ 1.3 MessageFactory with SOAP 1.1 Protocol
15:06:34.097 [main] DEBUG org.springframework.ws.soap.saaj.SaajSoapMessageFactory - Using MessageFactory class [com.sun.xml.internal.messaging.saaj.soap.ver1_1.SOAPMessageFactory1_1Impl]
15:06:35.049 [main] INFO com.myapp.base.service.WsConfig - Loaded keystore: file:/C:/dev/git/myapp/base-be/base-service-provider/target/classes/cert/client-keystore.p12
***
found key for : integration
chain [0] = [
[
Version: V3
Subject: CN=INTEGRATION, OU=Inte, O=INTEGRATION, L=Baden-Baden, ST=Baden-Wuerttemberg, C=DE
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 4096 bits
modulus: 785762...
public exponent: 65537
Validity: [From: Wed Oct 14 08:59:04 CEST 2015,
To: Sat Oct 14 08:59:04 CEST 2023]
Issuer: EMAILADDRESS=certificate@csservice.provider-sys.de, CN=ASY Server CA, OU=Application Hosting, O=provider sys GmbH, L=Neustadt, ST=NRW, C=DE
SerialNumber: [ c0]
Certificate Extensions: 7
[1]: ObjectId: 2.16.840.1.113730.1.13 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 1E 16 1C 41 53 59 20 43 41 20 47 65 6E 65 72 ....ASY CA Gener
0010: 61 74 65 64 20 43 65 72 74 69 66 69 63 61 74 65 ated Certificate
[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 78 BF C1 12 7C 6A 88 23 CD E2 2D 2B 03 56 DA 80 x....j.#..-+.V..
0010: E0 FA 15 ED ....
]
[EMAILADDRESS=certificate@csservice.provider-sys.de, CN=provider sys - CA0 Primary Certification Authority, OU=Security, O=provider sys GmbH, L=Neustadt, ST=NRW, C=DE]
SerialNumber: [ 0b]
]
[3]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:false
PathLen: undefined
]
[4]: ObjectId: 2.5.29.18 Criticality=false
IssuerAlternativeName [
RFC822Name: certificate@csservice.provider-sys.de
]
[5]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_Encipherment
]
[6]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL client
S/MIME
Object Signing
]
[7]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 2E A8 60 57 8F 1B 4D DE F7 A7 6A 0A B3 B0 1D 3D ..`W..M...j....=
0010: C5 85 62 1C ..b.
]
]
Unparseable certificate extensions: 1
[1]: ObjectId: 2.5.29.17 Criticality=false
Unparseable SubjectAlternativeName extension due to
java.io.IOException: No data available in passed DER encoded value.
0000: 30 00 0.
]
Algorithm: [SHA1withRSA]
Signature:
0000: 54 28 38 06 2F 95 72 40 F9 FB CC 7C AB FA 5F B5 T(8./.r@......_.
0010: 7E CF 70 E4 59 6B 96 4C ED 94 EA 35 74 E9 4C 6B ..p.Yk.L...5t.Lk
...
00F0: B2 77 82 13 D4 F1 10 96 1C C8 19 9E 05 D8 9C 1B .w..............
]
***
15:06:35.118 [main] INFO com.myapp.base.service.WsConfig - Loaded trustStore: file:/C:/dev/git/myapp/base-be/base-service-provider/target/classes/cert/client-truststore.jks
adding as trusted cert:
Subject: CN=big-response, OU=IT, O=company GmbH, L=Baden-Baden, ST=Baden-Wuerttemberg, C=DE
Issuer: EMAILADDRESS=certificate@csservice.provider-sys.de, CN=ASY Server CA, OU=Application Hosting, O=provider sys GmbH, L=Neustadt, ST=NRW, C=DE
Algorithm: RSA; Serial number: 0x86
Valid from Mon Apr 20 22:45:43 CEST 2015 until Sat Aug 10 22:45:43 CEST 2024
15:06:35.140 [main] INFO com.myapp.base.service.SpringproviderClient - Requesting person score for: Peter Müller...
Ignoring disabled cipher suite: SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
Ignoring disabled cipher suite: SSL_DH_anon_EXPORT_WITH_RC4_40_MD5
Ignoring disabled cipher suite: TLS_KRB5_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5
Ignoring disabled cipher suite: TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
Ignoring disabled cipher suite: TLS_KRB5_WITH_3DES_EDE_CBC_MD5
Ignoring disabled cipher suite: SSL_DH_anon_WITH_RC4_128_MD5
Ignoring disabled cipher suite: SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: SSL_DH_anon_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: SSL_RSA_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
Ignoring disabled cipher suite: TLS_ECDH_anon_WITH_RC4_128_SHA
Ignoring disabled cipher suite: TLS_KRB5_EXPORT_WITH_RC4_40_SHA
Ignoring disabled cipher suite: SSL_RSA_EXPORT_WITH_DES40_CBC_SHA
Ignoring disabled cipher suite: TLS_KRB5_WITH_RC4_128_SHA
Ignoring disabled cipher suite: SSL_RSA_EXPORT_WITH_RC4_40_MD5
Ignoring disabled cipher suite: TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA
Ignoring disabled cipher suite: TLS_KRB5_EXPORT_WITH_RC4_40_MD5
Ignoring disabled cipher suite: TLS_ECDH_ECDSA_WITH_RC4_128_SHA
Ignoring disabled cipher suite: TLS_KRB5_WITH_RC4_128_MD5
Ignoring disabled cipher suite: TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: SSL_RSA_WITH_RC4_128_SHA
Ignoring disabled cipher suite: TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: TLS_ECDH_RSA_WITH_RC4_128_SHA
Ignoring disabled cipher suite: SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA
Ignoring disabled cipher suite: SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: TLS_ECDHE_RSA_WITH_RC4_128_SHA
Ignoring disabled cipher suite: SSL_RSA_WITH_RC4_128_MD5
Ignoring disabled cipher suite: TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: SSL_RSA_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: SSL_RSA_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
trustStore is: No File Available, using empty keystore.
trustStore type is : jks
trustStore provider is :
init truststore
keyStore is : cert/client-keystore.p12
keyStore type is : jks
keyStore provider is :
trigger seeding of SecureRandom
done seeding SecureRandom
15:06:35.998 [main] DEBUG org.springframework.ws.transport.http.HttpsUrlConnectionMessageSender - Initialized SSL Context with key managers [sun.security.ssl.SunX509KeyManagerImpl@23529fee] trust managers [sun.security.ssl.X509TrustManagerImpl@4fe767f3] secure random [null]
15:06:36.004 [main] DEBUG org.springframework.ws.client.core.WebServiceTemplate - Opening [org.springframework.ws.transport.http.HttpUrlConnection@14d3bc22] to [https://integration-big.finance.provider.com/product/big/business-information-gateway.v1.2]
15:06:36.086 [main] INFO org.springframework.oxm.jaxb.Jaxb2Marshaller - Creating JAXBContext with context path [com.myapp.base.service.provider.generated]
15:06:37.333 [main] DEBUG org.springframework.ws.client.MessageTracing.sent - Sent request [SaajSoapMessage {urn:big-services-types:v1.2}Request]
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
main, setSoTimeout(0) called
main, the previous server name in SNI (type=host_name (0), value=integration-big.finance.provider.com) was replaced with (type=host_name (0), value=integration-big.finance.provider.com)
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLSv1
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1.1
%% No cached client session
*** ClientHello, TLSv1.2
RandomCookie: GMT: 1523263581 bytes = { 157, 84, 247, 157, 102, 185, 160, 253, 225, 94, 207, 129, 26, 5, 32, 166, 246, 45, 135, 19, 99, 14, 52, 150, 110, 73, 254, 116 }
Session ID: {}
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods: { 0 }
Extension elliptic_curves, curve names: {secp256r1, secp384r1, secp521r1, sect283k1, sect283r1, sect409k1, sect409r1, sect571k1, sect571r1, secp256k1}
Extension ec_point_formats, formats: [uncompressed]
Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA256withDSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA
Extension extended_master_secret
Extension server_name, server_name: [type=host_name (0), value=integration-big.finance.provider.com]
***
main, WRITE: TLSv1.2 Handshake, length = 236
main, READ: TLSv1.2 Handshake, length = 93
*** ServerHello, TLSv1.2
RandomCookie: GMT: 640777025 bytes = { 33, 3, 88, 115, 39, 70, 25, 86, 20, 156, 190, 200, 89, 97, 247, 220, 222, 129, 188, 142, 172, 117, 181, 226, 255, 198, 177, 176 }
Session ID: {102, 101, 195, 164, 70, 236, 103, 43, 201, 13, 226, 55, 40, 70, 151, 80, 232, 28, 4, 240, 43, 202, 54, 126, 231, 1, 13, 24, 236, 240, 176, 177}
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
Compression Method: 0
Extension server_name, server_name:
Extension renegotiation_info, renegotiated_connection: <empty>
Extension ec_point_formats, formats: [uncompressed, ansiX962_compressed_prime, ansiX962_compressed_char2]
***
%% Initialized: [Session-1, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384]
** TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
main, READ: TLSv1.2 Handshake, length = 2940
*** Certificate chain
chain [0] = [
[
Version: V3
Subject: CN=big.finance.provider.com, O=provider sys GmbH, L=Neustadt, ST=Nordrhein-Westfalen, C=DE
Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11
Key: Sun RSA public key, 2048 bits
modulus: 265764493...
public exponent: 65537
Validity: [From: Fri Aug 10 02:00:00 CEST 2018,
To: Sun Oct 25 13:00:00 CET 2020]
Issuer: CN=GeoTrust TLS RSA CA G1, OU=www.digicert.com, O=DigiCert Inc, C=US
SerialNumber: [ 0fe6a4fc c5d93b55 f85fdaba 1d765c2f]
Certificate Extensions: 10
[1]: ObjectId: 1.3.6.1.4.1.11129.2.4.2 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 82 01 6C 04 82 01 68 01 66 00 76 00 A4 B9 09 ...l...h.f.v....
0010: 90 B4 18 58 14 87 BB 13 A2 CC 67 70 0A 3C 35 98 ...X......gp.<5.
...
0160: 54 EA 7E 31 14 6E EA 21 19 44 0E C0 97 B0 4A 34 T..1.n.!.D....J4
[2]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
AuthorityInfoAccess [
[
accessMethod: ocsp
accessLocation: URIName: http://status.geotrust.com
,
accessMethod: caIssuers
accessLocation: URIName: http://cacerts.geotrust.com/GeoTrustTLSRSACAG1.crt
]
]
[3]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 94 4F D4 5D 8B E4 A4 E2 A6 80 FE FD D8 F9 00 EF .O.]............
0010: A3 BE 02 57 ...W
]
]
[4]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:false
PathLen: undefined
]
[5]: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl]
]]
[6]: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [2.16.840.1.114412.1.1]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 1C 68 74 74 70 73 3A 2F 2F 77 77 77 2E 64 69 ..https://www.di
0010: 67 69 63 65 72 74 2E 63 6F 6D 2F 43 50 53 gicert.com/CPS
]] ]
[CertificatePolicyId: [2.23.140.1.2.2]
[] ]
]
[7]: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
serverAuth
clientAuth
]
[8]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_Encipherment
]
[9]: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
DNSName: big.finance.provider.com
DNSName: acceptance-big.finance.provider.com
DNSName: integration-big.finance.provider.com
]
[10]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: B7 CD F4 D3 84 2E D2 B5 0D 6F BE 18 C4 75 BD E3 .........o...u..
0010: A2 51 7A 4A .QzJ
]
]
]
Algorithm: [SHA256withRSA]
Signature:
0000: 5F B7 0D DC 75 3F EE 4F D3 15 12 6C 56 47 C5 D8 _...u?.O...lVG..
0010: 83 04 01 F9 23 40 E9 72 0E 19 7A 69 A4 F7 1F FD ....#@.r..zi....
...
00F0: 3F 33 BF 95 7D D8 C9 B2 3F 88 5E 46 FA B1 D8 46 ?3......?.^F...F
]
chain [1] = [
[
Version: V3
Subject: CN=GeoTrust TLS RSA CA G1, OU=www.digicert.com, O=DigiCert Inc, C=US
Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11
Key: Sun RSA public key, 2048 bits
modulus: 2399706833...
public exponent: 65537
Validity: [From: Thu Nov 02 13:23:37 CET 2017,
To: Tue Nov 02 13:23:37 CET 2027]
Issuer: CN=DigiCert Global Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US
SerialNumber: [ 0d07782a 133fc6f9 a57296e1 31ffd179]
Certificate Extensions: 8
[1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
AuthorityInfoAccess [
[
accessMethod: ocsp
accessLocation: URIName: http://ocsp.digicert.com
]
]
[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 4E 22 54 20 18 95 E6 E3 6E E6 0F FA FA B9 12 ED N"T ....n.......
0010: 06 17 8F 39 ...9
]
]
[3]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:0
]
[4]: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: http://crl3.digicert.com/DigiCertGlobalRootG2.crl]
]]
[5]: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [2.5.29.32.0]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 1C 68 74 74 70 73 3A 2F 2F 77 77 77 2E 64 69 ..https://www.di
0010: 67 69 63 65 72 74 2E 63 6F 6D 2F 43 50 53 gicert.com/CPS
]] ]
]
[6]: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
serverAuth
clientAuth
]
[7]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]
[8]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 94 4F D4 5D 8B E4 A4 E2 A6 80 FE FD D8 F9 00 EF .O.]............
0010: A3 BE 02 57 ...W
]
]
]
Algorithm: [SHA256withRSA]
Signature:
0000: 82 1C 04 3A 82 E9 C5 A9 C8 65 12 5C 08 E3 01 C6 ...:.....e.\....
0010: 30 B0 AE 22 88 61 7B 2B 07 86 F7 B8 B5 44 9C F5 0..".a.+.....D..
...
00F0: 1E 12 78 CE 98 F2 5F FB 30 14 69 3C 2C FA 97 C6 ..x..._.0.i<,...
]
***
%% Invalidated: [Session-1, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384]
main, SEND TLSv1.2 ALERT: fatal, description = certificate_unknown
main, WRITE: TLSv1.2 Alert, length = 2
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
main, called close()
main, called closeInternal(true)
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
main, setSoTimeout(0) called
main, the previous server name in SNI (type=host_name (0), value=integration-big.finance.provider.com) was replaced with (type=host_name (0), value=integration-big.finance.provider.com)
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1
...
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1.1
%% No cached client session
*** ClientHello, TLSv1.2
RandomCookie: GMT: 1523263582 bytes = { 233, 137, 188, 176, 188, 141, 243, 246, 241, 46, 216, 176, 148, 127, 13, 141, 61, 15, 229, 181, 114, 136, 25, 152, 186, 210, 74, 84 }
Session ID: {}
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA256, ...TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods: { 0 }
Extension elliptic_curves, curve names: {secp256r1, secp384r1, secp521r1, sect283k1, sect283r1, sect409k1, sect409r1, sect571k1, sect571r1, secp256k1}
Extension ec_point_formats, formats: [uncompressed]
Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA256withDSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA
Extension extended_master_secret
Extension server_name, server_name: [type=host_name (0), value=integration-big.finance.provider.com]
***
main, WRITE: TLSv1.2 Handshake, length = 236
main, READ: TLSv1.2 Handshake, length = 93
*** ServerHello, TLSv1.2
RandomCookie: GMT: -1281780602 bytes = { 25, 40, 240, 160, 112, 50, 173, 202, 228, 58, 25, 10, 96, 229, 146, 183, 117, 29, 144, 139, 251, 115, 129, 238, 237, 148, 64, 78 }
Session ID: {15, 37, 184, 159, 154, 113, 92, 50, 245, 234, 44, 169, 89, 215, 100, 45, 5, 95, 39, 194, 120, 37, 117, 0, 40, 67, 177, 253, 233, 19, 35, 57}
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
Compression Method: 0
Extension server_name, server_name:
Extension renegotiation_info, renegotiated_connection: <empty>
Extension ec_point_formats, formats: [uncompressed, ansiX962_compressed_prime, ansiX962_compressed_char2]
***
%% Initialized: [Session-2, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384]
** TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
main, READ: TLSv1.2 Handshake, length = 2940
*** Certificate chain
chain [0] = [
[
Version: V3
Subject: CN=big.finance.provider.com, O=provider sys GmbH, L=Neustadt, ST=Nordrhein-Westfalen, C=DE
Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11
Key: Sun RSA public key, 2048 bits
modulus: 26538155...
public exponent: 65537
Validity: [From: Fri Aug 10 02:00:00 CEST 2018,
To: Sun Oct 25 13:00:00 CET 2020]
Issuer: CN=GeoTrust TLS RSA CA G1, OU=www.digicert.com, O=DigiCert Inc, C=US
SerialNumber: [ 0fe6a4fc c5d93b55 f85fdaba 1d765c2f]
Certificate Extensions: 10
[1]: ObjectId: 1.3.6.1.4.1.11129.2.4.2 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 82 01 6C 04 82 01 68 01 66 00 76 00 A4 B9 09 ...l...h.f.v....
0010: 90 B4 18 58 14 87 BB 13 A2 CC 67 70 0A 3C 35 98 ...X......gp.<5.
...
0160: 54 EA 7E 31 14 6E EA 21 19 44 0E C0 97 B0 4A 34 T..1.n.!.D....J4
[2]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
AuthorityInfoAccess [
[
accessMethod: ocsp
accessLocation: URIName: http://status.geotrust.com
,
accessMethod: caIssuers
accessLocation: URIName: http://cacerts.geotrust.com/GeoTrustTLSRSACAG1.crt
]
]
[3]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 94 4F D4 5D 8B E4 A4 E2 A6 80 FE FD D8 F9 00 EF .O.]............
0010: A3 BE 02 57 ...W
]
]
[4]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:false
PathLen: undefined
]
[5]: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl]
]]
[6]: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [2.16.840.1.114412.1.1]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 1C 68 74 74 70 73 3A 2F 2F 77 77 77 2E 64 69 ..https://www.di
0010: 67 69 63 65 72 74 2E 63 6F 6D 2F 43 50 53 gicert.com/CPS
]] ]
[CertificatePolicyId: [2.23.140.1.2.2]
[] ]
]
[7]: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
serverAuth
clientAuth
]
[8]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_Encipherment
]
[9]: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
DNSName: big.finance.provider.com
DNSName: acceptance-big.finance.provider.com
DNSName: integration-big.finance.provider.com
]
[10]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: B7 CD F4 D3 84 2E D2 B5 0D 6F BE 18 C4 75 BD E3 .........o...u..
0010: A2 51 7A 4A .QzJ
]
]
]
Algorithm: [SHA256withRSA]
Signature:
0000: 5F B7 0D DC 75 3F EE 4F D3 15 12 6C 56 47 C5 D8 _...u?.O...lVG..
0010: 83 04 01 F9 23 40 E9 72 0E 19 7A 69 A4 F7 1F FD ....#@.r..zi....
...
00F0: 3F 33 BF 95 7D D8 C9 B2 3F 88 5E 46 FA B1 D8 46 ?3......?.^F...F
]
chain [1] = [
[
Version: V3
Subject: CN=GeoTrust TLS RSA CA G1, OU=www.digicert.com, O=DigiCert Inc, C=US
Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11
Key: Sun RSA public key, 2048 bits
modulus: 239970683...
public exponent: 65537
Validity: [From: Thu Nov 02 13:23:37 CET 2017,
To: Tue Nov 02 13:23:37 CET 2027]
Issuer: CN=DigiCert Global Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US
SerialNumber: [ 0d07782a 133fc6f9 a57296e1 31ffd179]
Certificate Extensions: 8
[1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
AuthorityInfoAccess [
[
accessMethod: ocsp
accessLocation: URIName: http://ocsp.digicert.com
]
]
[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 4E 22 54 20 18 95 E6 E3 6E E6 0F FA FA B9 12 ED N"T ....n.......
0010: 06 17 8F 39 ...9
]
]
[3]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:0
]
[4]: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: http://crl3.digicert.com/DigiCertGlobalRootG2.crl]
]]
[5]: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [2.5.29.32.0]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 1C 68 74 74 70 73 3A 2F 2F 77 77 77 2E 64 69 ..https://www.di
0010: 67 69 63 65 72 74 2E 63 6F 6D 2F 43 50 53 gicert.com/CPS
]] ]
]
[6]: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
serverAuth
clientAuth
]
[7]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]
[8]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 94 4F D4 5D 8B E4 A4 E2 A6 80 FE FD D8 F9 00 EF .O.]............
0010: A3 BE 02 57 ...W
]
]
]
Algorithm: [SHA256withRSA]
Signature:
0000: 82 1C 04 3A 82 E9 C5 A9 C8 65 12 5C 08 E3 01 C6 ...:.....e.\....
0010: 30 B0 AE 22 88 61 7B 2B 07 86 F7 B8 B5 44 9C F5 0..".a.+.....D..
...
00F0: 1E 12 78 CE 98 F2 5F FB 30 14 69 3C 2C FA 97 C6 ..x..._.0.i<,...
]
***
%% Invalidated: [Session-2, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384]
main, SEND TLSv1.2 ALERT: fatal, description = certificate_unknown
main, WRITE: TLSv1.2 Alert, length = 2
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
main, called close()
main, called closeInternal(true)
15:06:38.804 [main] DEBUG org.springframework.ws.transport.support.TransportUtils - Could not close WebServiceConnection
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
... (see original post above)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
Spring-ws一个请求中有多个请求 - Spring-ws multiple request in one request
了解Spring-WS - Understanding Spring-WS
Spring-WS:如何从没有“ Request”元素的xsd创建Wsdl - Spring-ws: How to create Wsdl from an xsd with no “Request” element
Spring-ws -Problem从tomcat 6请求webservice - Spring-ws -Problem request webservice from tomcat 6
将Spring-ws webservicetemplate请求以XML格式保存到数据库 - Save Spring-ws webservicetemplate request to DB in XML Format
如何从Spring-WS拦截器中的SoapUI身份验证选项卡(HTTP标头)获取用户名和密码? - How to obtain username and password from SoapUI Auth Tab (HTTP Headers) in a Spring-WS Interceptor?
Spring-WS中的自定义上下文 - Custom Context in Spring-WS
Spring-WS项目创建 - Spring-WS project creation
Hibernate对Spring-WS无响应 - Hibernate Unresponsive with Spring-WS
具有安全性的Spring-ws UnsupportedCallbackException - Spring-ws with security UnsupportedCallbackException
相关标签