我試圖使用安全客戶端訪問Web服務。Axis2/Rampart客戶端自簽名證書
我生成兩個文件:
nb19200.pkcs12
server.jks
我粘貼到Tomcat服務器密鑰存儲和上傳PKCS12到我的瀏覽器,一切正常。
現在,在我的客戶端應用程序,我試過如下:
首先,導出服務器證書,我用下面的命令:
密鑰工具-exportcert -alias servercert -file servercert.cer - 密鑰庫server.jks -storepass * *
然後將它導入到一無所有密鑰庫中有:
密鑰工具-importcert -keystore truststore.jks -alias servercert -file servercert.cer -v trustcacerts -noprompt -storepass * **
我的代碼如下:
System.setProperty("javax.net.ssl.trustStore","servertrust.jks");
System.setProperty("javax.net.ssl.trustStorePassword", "password");
//To be able to load the client configuration from axis2.xml
ConfigurationContext ctx = ConfigurationContextFactory.createConfigurationContextFromFileSystem("client-repo", null);
SecureServiceStub stub = new SecureServiceStub(ctx,"https://localhost:8443/axis2/services/SecureService");
ServiceClient sc = stub._getServiceClient();
sc.engageModule("rampart");
//call the service etc.
好,這個配置我得到以下錯誤:
造成的:java.net.SocketException異常:連接被遠程主機關閉
如果我評論的前兩行,我得到的錯誤是:
造成的:sun.security.provider.certpath.SunCertPathBuilderException:無法找到有效的認證路徑要求的目標
那麼什麼我做錯了嗎?
我完全失去了。
更新全碼:
堆棧跟蹤:
Exception in thread "main" org.apache.axis2.AxisFault: Connection refused: connect
at org.apache.axis2.AxisFault.makeFault(AxisFault.java:430)
at org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:197)
at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:75)
at org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:404)
at org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:231)
at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:443)
at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:406)
at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
at tutorial.rampart.client.SecureServiceStub.add(SecureServiceStub.java:191)
at tutorial.rampart.client.SecureServiceCGClient.main(SecureServiceCGClient.java:36)
Caused by: java.net.ConnectException: Connection refused: connect
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:351)
at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:213)
at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:200)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:366)
at java.net.Socket.connect(Socket.java:529)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.connect(SSLSocketImpl.java:564)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.commons.httpclient.protocol.ReflectionSocketFactory.createSocket(ReflectionSocketFactory.java:140)
at org.apache.commons.httpclient.protocol.SSLProtocolSocketFactory.createSocket(SSLProtocolSocketFactory.java:130)
at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707)
at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361)
at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:387)
at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
at org.apache.axis2.transport.http.AbstractHTTPSender.executeMethod(AbstractHTTPSender.java:621)
at org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:193)
你設置'javax.net.ssl.trustStore'其他地方在你的代碼,或在衆人面前使用SSL?它通常只加載一次(即使是默認值)。 – Bruno
Nop。我將使用paste bin上的完整代碼進行更新。 – Wasted
你可以試試這個:http://www.mkyong.com/webservices/jax-ws/suncertpathbuilderexception-unable-to-find-valid-certification-path-to-requested-target/ – Tomer