javax websocket client ssl connection

I have a problem with javax.websocket (using Eclipse IDE and a Jetty 9 server). I wrote a ClientEndpoint (with all annotations). This code works fine with "ws://", but I have a problem when trying to use "wss://".

I'm trying to do it with SSLContext, but I don't know how I can add the SSLContextFactory to my session or socket container.

import java.io.FileInputStream;
import java.io.IOException;
import java.net.URI;
import java.security.KeyStore;
import java.util.Date;
import java.text.SimpleDateFormat;

import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;
import javax.websocket.*;
import javax.websocket.CloseReason.CloseCodes;
import javax.websocket.ClientEndpointConfig;
import javax.websocket.WebSocketContainer;

@ClientEndpoint
public class ScriptSocketJavax extends Thread{

    final static Logger logger = LogManager.getLogger(ScriptSocketJavax.class);

public int checkWork;
private String type;
private String opertr;
private String client;
private Date date = new Date();
private SimpleDateFormat formatForDateNow = new SimpleDateFormat("MM/dd/yyyy");
private Session session;
private URI uri;
WebSocketContainer container;
ClientEndpointConfig endpointConfig;

public ScriptSocketJavax(String opertr, String client, String type) throws Exception{

    this.checkWork = 0;
    this.uri = URI.create("wss://*****"); //ws://****
    this.type = type;
    this.client = client;
    this.opertr = opertr;
    this.container = ContainerProvider.getWebSocketContainer();
    this.container.setDefaultMaxTextMessageBufferSize(1024*1024);
    this.container.setDefaultMaxBinaryMessageBufferSize(1024*1024);

    try {

        String STORETYPE = "JKS";
        String KEYSTORE = "C:\\****";
        String STOREPASSWORD = "123456";
        String KEYPASSWORD = "123456";

        KeyStore ks = KeyStore.getInstance(STORETYPE);
        ks.load(new FileInputStream(KEYSTORE), STOREPASSWORD.toCharArray());
        KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
        kmf.init(ks, KEYPASSWORD.toCharArray());
        TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
        tmf.init(ks);

        SSLContext sslContext = null;
        sslContext = SSLContext.getInstance( "TLS" );
        sslContext.init( kmf.getKeyManagers(), tmf.getTrustManagers(), null );
        sslContext.getSocketFactory();
        SSLSocketFactory factory = sslContext.getSocketFactory();

        this.session = this.container.connectToServer(this, this.uri);  //obj, not class

Or how can I make all connections trusted?

StackTrace:

java.io.IOException: Connect failure
at org.eclipse.jetty.websocket.jsr356.ClientContainer.connect(ClientContainer.java:231)
at org.eclipse.jetty.websocket.jsr356.ClientContainer.connectToServer(ClientContainer.java:261)
at com.stepanov.utils.ScriptSocketJavax.<init>(ScriptSocketJavax.java:80)
...
at java.lang.Thread.run(Unknown Source)
Caused by: org.eclipse.jetty.websocket.api.UpgradeException: 0 null
...
at org.eclipse.jetty.websocket.client.WebSocketUpgradeRequest.onComplete(WebSocketUpgradeRequest.java:513)
... 3 more
Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
...
... 15 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
at sun.security.validator.Validator.validate(Unknown Source)
at sun.security.ssl.X509TrustManagerImpl.validate(Unknown Source)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
... 23 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.build(Unknown Source)
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
at java.security.cert.CertPathBuilder.build(Unknown Source)
... 29 more

First of all, that URI's certificate should be trusted by your Java. To make it trusted by Java, you need to add the certificate to the Java keystore.
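
One way to wire a truststore into the client while keeping certificate and host name checks on, as an added example that is not code from the original post or from Jetty. It assumes Jetty 9.4 (`SslContextFactory`, `HttpClient` and the `ClientContainer(HttpClient)` constructor); the class name `TrustedWssClient`, the truststore file and the command-line arguments are hypothetical.

```java
import java.io.InputStream;
import java.net.URI;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import javax.websocket.*;
import org.eclipse.jetty.client.HttpClient;
import org.eclipse.jetty.util.ssl.SslContextFactory;
import org.eclipse.jetty.websocket.jsr356.ClientContainer;

// Assumed setup: keytool -importcert -alias server -file server.crt -keystore client-truststore.jks
@ClientEndpoint
public class TrustedWssClient {
    @OnMessage
    public void onMessage(String msg) { System.out.println("received: " + msg); }

    /** Builds an SSLContext that trusts only the certificates in the given truststore. */
    static SSLContext contextFromTrustStore(String path, char[] password) throws Exception {
        KeyStore trustStore = KeyStore.getInstance("JKS");
        try (InputStream in = Files.newInputStream(Paths.get(path))) {
            trustStore.load(in, password);
        }
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trustStore);
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, tmf.getTrustManagers(), null); // null key managers: no client certificate
        return ctx;
    }

    public static void main(String[] args) throws Exception {
        // args (hypothetical): truststore path, truststore password, wss:// URI
        SslContextFactory ssl = new SslContextFactory();
        ssl.setSslContext(contextFromTrustStore(args[0], args[1].toCharArray()));
        ssl.setEndpointIdentificationAlgorithm("HTTPS"); // keep host name verification enabled

        HttpClient httpClient = new HttpClient(ssl);
        httpClient.start();
        ClientContainer container = new ClientContainer(httpClient); // instead of ContainerProvider
        container.start();
        try (Session session = container.connectToServer(new TrustedWssClient(), URI.create(args[2]))) {
            session.getBasicRemote().sendText("hello");
        } finally {
            container.stop();
            httpClient.stop();
        }
    }
}
```

If the handshake still fails with "PKIX path building failed", the truststore does not contain the server's certificate or the CA that issued it.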
