使用wsimport時的安全異常

Question

我想從wsdl文件生成存根文件，該文件可通過帶有自簽名證書的ssl連接到達。

<exec executable="wsimport"> 
<arg value="-d" /> 
<arg value="${absolute.path.to.project}/gen" /> 
<arg value="-s" /> 
<arg value="${absolute.path.to.project}/src" /> 
<arg value="https://host:8443/wsrf/services/WS?wsdl" /> 
</exec> 

當我在螞蟻執行此，我得到這個錯誤：

generate-from-wsdl: 
    [exec] parsing WSDL... 
    [exec] [ERROR] sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target 
    [exec] Failed to read the WSDL document: https://192.168.56.101:8443/wsrf/services/KnowledgebaseWebservice?wsdl, because 1) could not find the document; /2) the document could not be read; 3) the root element of the document is not <wsdl:definitions>. 
    [exec] [ERROR] failed.noservice=Could not find wsdl:service in the provided WSDL(s): 
    [exec] At least one WSDL with at least one service definition needs to be provided. 
    [exec]  Failed to parse the WSDL. 
    [exec] Result: 1 

爲了避免這種情況，我想

• 導入與server.crt這文件keytool -importcert -file ~/path/server.crt
• 將server.crt複製到$ JAVA_HOME/lib/security

UPDATE

我也試過如下：

<wsimport wsdl="https://host:8443/Webservice?wsdl" destdir="gen" 
       sourcedestdir="src" 
       verbose="true"> 
    <jvmarg value="-Djavax.net.ssl.trustStore=/path/host.cer" /> 
    <jvmarg value="-Djavax.net.ssl.trustStorePassword=changeit" /> 
</wsimport> 

我仍然得到這個錯誤。我能做什麼？

Answer 1

我認爲您需要通過指定-keystore <path_to>/jre/lib/security/cacerts將服務器證書導入JRE的密鑰存儲庫。如果你堅持以前的命令行，我認爲你需要爲執行Ant的同一個用戶執行該命令。

Answer 2

我無法將cert導入到my/jre/lib/security/cacerts。

所以我結束了以下解決方法：

<target name="main" > 
    <exec executable="java"> 
     <arg line="-Djavax.net.ssl.trustStore=c:\jdk160_29\.mykeystore -classpath C:\jdk160_29\lib\tools.jar com.sun.tools.internal.ws.WsImport https://host:8443/Webservice?wsdl -p com.test -s ./src"/> 
    </exec> 
</target>