[英]Java Truststore differences between windows 7 and Solaris (Mule 3.3)
我有两个模块,我更喜欢在同一个JVM中运行。 两者都使用Mule 3.3,两者都需要与特定的外部服务建立https连接。
模块A使用特定的https连接器:
<https:connector name="proxiedHttpsConnector">
<spring:property name="proxyHostname" value="${feeds.proxy.server}"/>
<spring:property name="proxyPort" value="${feeds.proxy.port}"/>
<https:tls-server path="security/modulea_store" storePassword="thesecretpassowrd"/>
</https:connector>
模块B使用第三方代码,该代码使用com.sun.jersey.client.apache.ApacheHttpClient(v 1.6)。 模块B已被修改为通过相同的代理工作。
使用jdk1.6.0_27在Windows 7上测试模块B时,我收到以下异常:
ERROR 2012-05-09 10:02:39,585 [VideoAvailable.stage1.02] org.mule.exception.DefaultMessagingExceptionStrategy:
********************************************************************************
Message : Component that caused exception is: DefaultJavaComponent{VideoAvailable.commponent.414853995}. Message payload is of type: VideoEvent
Code : MULE_ERROR--2
--------------------------------------------------------------------------------
Exception stack is:
1. unable to find valid certification path to requested target (sun.security.provider.certpath.SunCertPathBuilderException)
sun.security.provider.certpath.SunCertPathBuilder:174 (null)
2. PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target (sun.security.validator.ValidatorException)
sun.security.validator.PKIXValidator:323 (null)
3. sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target (javax.net.ssl.SSLHandshakeException)
com.sun.net.ssl.internal.ssl.Alerts:174 (http://java.sun.com/j2ee/sdk_1.3/techdocs/api/javax/net/ssl/SSLHandshakeException.html)
4. javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target (com.sun.jersey.api.client.ClientHandlerException)
com.sun.jersey.client.apache.DefaultApacheHttpMethodExecutor:213 (null)
5. Component that caused exception is: DefaultJavaComponent{VideoAvailable.commponent.414853995}. Message payload is of type: VideoEvent (org.mule.component.ComponentException)
org.mule.component.DefaultComponentLifecycleAdapter:359 (http://www.mulesoft.org/docs/site/current3/apidocs/org/mule/component/ComponentException.html)
--------------------------------------------------------------------------------
Root Exception stack trace:
sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:318)
+ 3 more (set debug level logging or '-Dmule.verbose.exceptions=true' for everything)
********************************************************************************
我可以添加证书以连接到模块B的远程服务到模块A的信任库,并且两个模块在Windows 7上都能正常工作。
在运行jre 1.6.0_06的SunOS 5.10上运行相同的配置(我知道它已经过时)会产生以下错误:
2012/05/08 17:42:32 | ERROR 2012-05-08 17:42:32,265 [VideoAvailable.stage1.04] org.mule.exception.DefaultMessagingExceptionStrategy:
2012/05/08 17:42:32 | ********************************************************************************
2012/05/08 17:42:32 | Message : Component that caused exception is: DefaultJavaComponent{VideoAvailable.commponent.6015177}. Message payload is of type: VideoEvent
2012/05/08 17:42:32 | Code : MULE_ERROR--2
2012/05/08 17:42:32 | --------------------------------------------------------------------------------
2012/05/08 17:42:32 | Exception stack is:
2012/05/08 17:42:32 | 1. the trustAnchors parameter must be non-empty (java.security.InvalidAlgorithmParameterException)
2012/05/08 17:42:32 | java.security.cert.PKIXParameters:183 (null)
2012/05/08 17:42:32 | 2. Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty (java.lang.RuntimeException)
2012/05/08 17:42:32 | sun.security.validator.PKIXValidator:59 (null)
2012/05/08 17:42:32 | 3. java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty (javax.net.ssl.SSLException)
2012/05/08 17:42:32 | com.sun.net.ssl.internal.ssl.Alerts:190 (http://java.sun.com/j2ee/sdk_1.3/techdocs/api/javax/net/ssl/SSLException.html)
2012/05/08 17:42:32 | 4. javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty (com.sun.jersey.api.client.ClientHandlerException)
2012/05/08 17:42:32 | com.sun.jersey.client.apache.DefaultApacheHttpMethodExecutor:213 (null)
2012/05/08 17:42:32 | 5. Component that caused exception is: DefaultJavaComponent{VideoAvailable.commponent.6015177}. Message payload is of type: VideoEvent (org.mule.component.ComponentException)
2012/05/08 17:42:32 | org.mule.component.DefaultComponentLifecycleAdapter:359 (http://www.mulesoft.org/docs/site/current3/apidocs/org/mule/component/ComponentException.html)
2012/05/08 17:42:32 | --------------------------------------------------------------------------------
2012/05/08 17:42:32 | Root Exception stack trace:
2012/05/08 17:42:32 | java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
2012/05/08 17:42:32 | at java.security.cert.PKIXParameters.setTrustAnchors(PKIXParameters.java:183)
2012/05/08 17:42:32 | at java.security.cert.PKIXParameters.<init>(PKIXParameters.java:103)
2012/05/08 17:42:32 | at java.security.cert.PKIXBuilderParameters.<init>(PKIXBuilderParameters.java:87)
2012/05/08 17:42:32 | + 3 more (set debug level logging or '-Dmule.verbose.exceptions=true' for everything)
2012/05/08 17:42:32 | ********************************************************************************
两者都在Windows 7和SunOS上独立运行。 两者在Windows 7上运行良好。两者在SunOS上都不兼容。 此外,将模块B所需的证书添加到/NFL/ESB/apps/jdk1.6.0_06/jre/lib/security/cacerts并弹跳Mule也无济于事。 我还尝试将我的Windows 7 JDK配置为指向SunOS cacerts的副本(默认情况下)并且不会重现Sun错误。
是否有可能使用“\\”作为路径分隔符,因此在SunOS上失败?
我能够重新配置模块A以使用默认的Trust Store:
<https:connector name="proxiedHttpsConnector"
http:proxyHostname="${feeds.proxy.server}"
http:proxyPort="${feeds.proxy.port}"/>
然后允许两个模块一起运行。
就主要目标而言,这很好。 我从来没有完全解开Windows 7和Solaris之间的不同信任存储库初始化路径,但是我已经花了足够的时间来解决这个问题,我需要继续前进。
Java中的RH Linux和Solaris之间的TCP性能差异?
[英]TCP performance differences between RH Linux and Solaris in java?
XP和Vista / Windows 7之间的Java WebStart权限差异
[英]Java WebStart permission differences between XP and Vista/Windows 7
Windows和Linux之间Java套接字的差异 - 如何处理它们?
[英]Differences on Java Sockets between Windows and Linux - How to handle them?
Tomcat 配置 - JAVA_OPTS 和连接器中的密钥库/信任库之间的区别
[英]Tomcat Config - difference between keystore/truststore in JAVA_OPTS and in the Connector
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.