0
我目前正在使用Mobilefirst 8.0開發我的應用程序,但是當JAVA HTTP適配器使用自簽名證書連接外部資源HTTPS連接時出現問題。來自外部資源的公共證書被導入到我的服務器,該服務器是/ IBM/WebSphere/Liberty/usr/servers/{服務器名稱} /resources/security/key.jks,但仍然出現handshake_failure異常。任何想法/解決方案來克服這個問題?Mobilefirst 8.0 Java適配器SSL
1)到目前爲止,我試圖構建正好與JavaScript的HTTP適配器相同的邏輯,並導入我的JKS到運行時設置/密鑰庫標籤其中Configure Mobilefirst Keystore我adapter.xml
2)儘量系統內工作。 setProperty指向我自己的密鑰庫,並嘗試在運行時將其打印出來,但打印出的結果與我的JAVA HTTP適配器中設置的不同。
3)嘗試在我的JAVA HTTP適配器中設置與我的JAVASCRIPT HTTP適配器相同的構建和部署,但沒有錯誤,但handshake_failure異常返回。僅供參考,JAVA ADAPTER ATTRIBUTES不提供此屬性。
上傳的server.xml
<!-- Enable features -->
<featureManager>
<feature>jsp-2.2</feature>
<!-- Begin of features added by IBM MobileFirst <installmobilefirstadmin> ant task for context root '/mfpadmin'. -->
<!-- The following lines will be removed when the application is uninstalled -->
<feature>jdbc-4.0</feature>
<feature>appSecurity-2.0</feature>
<feature>restConnector-1.0</feature>
<feature>usr:MFPDecoderFeature-1.0</feature>
<!-- End of features added by IBM MobileFirst <installmobilefirstadmin> ant task for context root '/mfpadmin'. -->
<!-- Begin of features added by IBM MobileFirst <installmobilefirstruntime> ant task for context root '/mfp'. -->
<!-- The following lines will be removed when the application is uninstalled -->
<feature>jdbc-4.0</feature>
<feature>servlet-3.0</feature>
<feature>ssl-1.0</feature>
<feature>usr:MFPDecoderFeature-1.0</feature>
<feature>webProfile-6.0</feature>
<!-- End of features added by IBM MobileFirst <installmobilefirstruntime> ant task for context root '/mfp'. -->
<!-- Begin of features added by IBM MobileFirst installer. -->
<!-- The following lines will be removed when the application is uninstalled -->
<feature>jdbc-4.0</feature>
<feature>servlet-3.0</feature>
<feature>appSecurity-2.0</feature>
<feature>usr:MFPDecoderFeature-1.0</feature>
<!-- End of features added by IBM MobileFirst installer. -->
</featureManager>
<httpAccessLogging id="accessLogging">
<accessLogging filepath="${server.output.dir}/logs/http_defaultEndpoint_access.log" logFormat='%h %i %u %U %t "%r" %s %b' />
</httpAccessLogging>
<!-- To access this server from a remote client add a host attribute to the following element, e.g. host="*" -->
<httpEndpoint id="defaultHttpEndpoint"
httpPort="9080"
httpsPort="9443" host="*" accessLoggingRef="accessLogging">
<!-- Option soReuseAddr added by IBM MobileFirst <installmobilefirstadmin> ant task for context root '/mfpadmin'. -->
<!-- Option soReuseAddr added by IBM MobileFirst <installmobilefirstruntime> ant task for context root '/mfp'. -->
<!-- Option soReuseAddr added by IBM MobileFirst installer. -->
<tcpOptions soReuseAddr="true"/>
</httpEndpoint>
<administrator-role>
<!-- MobileFirst JMX User.
[Added by IBM MobileFirst Platform Foundation <installmobilefirstadmin> Ant task for context root '/mfpadmin']
-->
<user>MfpRESTUser</user>
</administrator-role>
<application id="RestWebService" location="RestWebService.war" name="RestWebService" type="war">
</application>
<basicRegistry>
<!-- IBM Application Center group.
[Added by IBM MobileFirst Platform Foundation <installapplicationcenter> Ant task for context root '/applicationcenter']
-->
<group name="appcentergroup">
<!-- IBM Application Center group member.
[Added by IBM MobileFirst Platform Foundation <installapplicationcenter> Ant task for context root '/applicationcenter']
-->
<member name="admin"/>
</group>
<!-- MobileFirst user.
[Added by IBM MobileFirst Platform Foundation <installmobilefirstadmin> Ant task for context root '/mfpadmin']
-->
<user name="configUser_mfpadmin" password="C9Vm6xAktLZh"/>
<!-- MobileFirst user.
[Added by IBM MobileFirst Platform Foundation <installmobilefirstadmin> Ant task for context root '/mfpadmin']
-->
<user name="MfpRESTUser" password="HSQFUiS7bxB8"/>
<!-- MobileFirst user.
[Added by IBM MobileFirst Platform Foundation <installmobilefirstadmin> Ant task for context root '/mfpadmin']
[Added by IBM MobileFirst Platform Foundation <installapplicationcenter> Ant task for context root '/applicationcenter']
-->
<user name="admin" password="admin"/>
</basicRegistry>
<!-- IBM MobileFirst requires SSL and declared the "defaultKeyStore" default keystore.
[Added by IBM MobileFirst Platform Foundation <installmobilefirstadmin> Ant task for context root '/mfpadmin']
This configuration is the minimum one that you need to create an SSL configuration.
With this configuration, the Liberty server creates the keystore and the certificate,
if it does not exist yet, during the SSL initialization.
The created certificate is a self-signed certificate that is valid for 365 days.
Do not use the certificates that the Liberty server created for production use.
For more information see http://pic.dhe.ibm.com/infocenter/wasinfo/v8r5/topic/com.ibm.websphere.wlp.core.doc/ae/twlp_sec_ssl.html
-->
<keyStore id="defaultKeyStore" password="mobilefirst"/>
<!-- MobileFirst JNDI property for JMX connection.
[Added by IBM MobileFirst Platform Foundation <installmobilefirstadmin> Ant task for context root '/mfpadmin']
-->
<jndiEntry jndiName="mfp.admin.jmx.host" value='"127.0.0.1"'/>
<!-- MobileFirst JNDI property for JMX connection.
[Added by IBM MobileFirst Platform Foundation <installmobilefirstadmin> Ant task for context root '/mfpadmin']
-->
<jndiEntry jndiName="mfp.admin.jmx.port" value='"9443"'/>
<!-- MobileFirst JNDI property for JMX connection.
[Added by IBM MobileFirst Platform Foundation <installmobilefirstadmin> Ant task for context root '/mfpadmin']
-->
<jndiEntry jndiName="mfp.admin.jmx.user" value='"MfpRESTUser"'/>
<!-- MobileFirst JNDI property for JMX connection.
[Added by IBM MobileFirst Platform Foundation <installmobilefirstadmin> Ant task for context root '/mfpadmin']
-->
<jndiEntry jndiName="mfp.admin.jmx.pwd" value='"HSQFUiS7bxB8"'/>
<!-- MobileFirst JNDI property for JMX connection.
[Added by IBM MobileFirst Platform Foundation <installmobilefirstadmin> Ant task for context root '/mfpadmin']
-->
<jndiEntry jndiName="mfp.topology.platform" value='"Liberty"'/>
<!-- MobileFirst JNDI property for JMX connection.
[Added by IBM MobileFirst Platform Foundation <installmobilefirstadmin> Ant task for context root '/mfpadmin']
-->
<jndiEntry jndiName="mfp.topology.clustermode" value='"Standalone"'/>
<!-- WebContainer statement.
[Added by IBM MobileFirst Platform Foundation <installmobilefirstadmin> Ant task for context root '/mfpadmin']
[Added by IBM MobileFirst Platform Foundation <installmobilefirstruntime> Ant task for context root '/mfp']
-->
<webContainer deferServletLoad="false"/>
<!-- Executor statement.
[Added by IBM MobileFirst Platform Foundation <installmobilefirstadmin> Ant task for context root '/mfpadmin']
-->
<executor id="default" name="LargeThreadPool"
coreThreads="200" maxThreads="400" keepAlive="60s"
stealPolicy="STRICT" rejectedWorkPolicy="CALLER_RUNS"/>
<!-- Shared JDBC Driver.
[Added by IBM MobileFirst Platform Foundation <installmobilefirstadmin> Ant task for context root '/mfpadmin']
[Added by IBM MobileFirst Platform Foundation <installmobilefirstruntime> Ant task for context root '/mfp']
-->
<library id="MobileFirst/JDBC/oracle">
<fileset dir="${shared.resource.dir}/MobileFirstJDBC/oracle" includes="ojdbc7.jar"/>
</library>
<!-- Begin of configuration added by IBM MobileFirst <installmobilefirstadmin> ant task for context root '/mfpadmin'. -->
<!-- Declare the MobileFirst Administration Service application. -->
<application id="mfpadmin" name="mfpadmin" location="mfp-admin-service.war" type="war">
<application-bnd>
<security-role name="mfpadmin">
<user name="admin"/>
</security-role>
<security-role name="mfpdeployer">
</security-role>
<security-role name="mfpmonitor">
</security-role>
<security-role name="mfpoperator">
</security-role>
</application-bnd>
<classloader delegation="parentLast" commonLibraryRef="MobileFirst/JDBC/oracle">
</classloader>
</application>
<!-- Declare the JNDI properties for the MobileFirst Administration Service. -->
<jndiEntry jndiName="mfpadmin/mfp.config.service.user" value='"configUser_mfpadmin"'/>
<jndiEntry jndiName="mfpadmin/mfp.config.service.password" value='"x"'/>
<!-- Declare the IBM MobileFirst Administration database. -->
<dataSource jndiName="mfpadmin/jdbc/mfpAdminDS" transactional="false">
<jdbcDriver libraryRef="MobileFirst/JDBC/oracle"/>
<properties.oracle driverType="thin" URL="jdbc:oracle:thin:@xx.xxx.xx.xx:xxxx:x" user="x" password="xxx"/>
</dataSource>
<!-- Declare the MobileFirst Administration Console application. -->
<application id="mfpconsole" name="mfpconsole" location="mfp-admin-ui.war" type="war">
<application-bnd>
<security-role name="mfpadmin">
<user name="admin"/>
</security-role>
<security-role name="mfpdeployer">
</security-role>
<security-role name="mfpmonitor">
</security-role>
<security-role name="mfpoperator">
</security-role>
</application-bnd>
<classloader delegation="parentLast">
</classloader>
</application>
<!-- Declare the JNDI properties for the MobileFirst Administration Console. -->
<jndiEntry jndiName="mfpconsole/mfp.admin.endpoint" value='"*://*:*/mfpadmin"'/>
<!-- Declare the MobileFirst Server Artifacts application. -->
<application id="mfp-dev-artifacts" name="mfp-dev-artifacts" location="mfp-dev-artifacts.war" type="war">
<classloader delegation="parentLast">
</classloader>
</application>
<!-- Declare the JNDI properties for the MobileFirst Server Artifacts. -->
<!-- Declare the MobileFirst Live Update application. -->
<application id="mfpadminconfig" name="mfpadminconfig" location="mfp-live-update.war" type="war">
<application-bnd>
<security-role name="configadmin">
<user name="configUser_mfpadmin"/>
</security-role>
</application-bnd>
<classloader delegation="parentLast" commonLibraryRef="MobileFirst/JDBC/oracle">
</classloader>
</application>
<!-- Declare the JNDI properties for the MobileFirst Live Update. -->
<!-- Declare the IBM MobileFirst Configuration database. -->
<dataSource jndiName="mfpadminconfig/jdbc/ConfigDS" transactional="false">
<jdbcDriver libraryRef="MobileFirst/JDBC/oracle"/>
<properties.oracle driverType="thin" URL="jdbc:oracle:thin:@10.163.33.54:1525:SMPS01GM" user="SVMPOMTRM07" password="{xor}Mi8wLG5tbGs="/>
</dataSource>
<!-- End of configuration added by IBM MobileFirst <installmobilefirstadmin> ant task for context root '/mfpadmin'. -->
<!-- Begin of configuration added by IBM MobileFirst <installmobilefirstruntime> ant task for context root '/mfp'. -->
<!-- Declare the MobileFirst Runtime application. -->
<application id="mfp" name="mfp" location="mfp-server.war" type="war">
<classloader delegation="parentLast">
</classloader>
</application>
<!-- Declare the JNDI properties for the MobileFirst Runtime. -->
<jndiEntry jndiName="mfp/mfp.analytics.url" value='"http://xx.xxx.xx.xx:xxxx/analytics-service/rest"'/>
<jndiEntry jndiName="mfp/mfp.analytics.console.url" value='"http://xx.xxx.xx.xx:xxxx/analytics/console"'/>
<jndiEntry jndiName="mfp/mfp.analytics.username" value='"admin"'/>
<jndiEntry jndiName="mfp/mfp.analytics.password" value='"admin"'/>
<jndiEntry jndiName="mfp/mfp.authorization.server" value='"embedded"'/>
<!-- Declare the IBM MobileFirst Server Runtime database. -->
<dataSource jndiName="mfp/jdbc/mfpDS" transactional="false">
<jdbcDriver libraryRef="MobileFirst/JDBC/oracle"/>
<properties.oracle driverType="thin" URL="jdbc:oracle:thin:@xx.xxx.xx.xx:xxxx:x" user="x" password="xxx"/>
</dataSource>
<!-- End of configuration added by IBM MobileFirst <installmobilefirstruntime> ant task for context root '/mfp'. -->
<!-- Begin of configuration added by IBM MobileFirst installer. -->
<!-- Declare the IBM Application Center Console application. -->
<application id="appcenterconsole" name="appcenterconsole" location="appcenterconsole.war" type="war">
<application-bnd>
<security-role name="appcenteradmin">
<group name="appcentergroup"/>
</security-role>
</application-bnd>
</application>
<!-- Declare the IBM Application Center Services application. -->
<application id="applicationcenter" name="applicationcenter" location="applicationcenter.war" type="war">
<application-bnd>
<security-role name="appcenteradmin">
<group name="appcentergroup"/>
</security-role>
</application-bnd>
<classloader delegation="parentLast"/>
</application>
<!-- Declare the JNDI properties for the IBM Application Center. -->
<!-- Define the AppCenter services endpoint in order for the AppCenter console to be able to invoke the REST service.
You need to enable this property if the server is behind a reverse proxy
or if the context root of the Application Center Services application is different from '/applicationcenter'. -->
<!-- <jndiEntry jndiName="ibm.appcenter.services.endpoint" value='"http://proxyhost:proxyport/applicationcenter"'/> -->
<!-- The directory with binaries of the 'aapt' program, from the Android SDK's platform-tools package. -->
<jndiEntry jndiName="android.aapt.dir" value='"/opt/IBM/MobileFirst_Platform_Server/ApplicationCenter/tools/android-sdk"'/>
<!-- The protocol of the application resources URI. This property is optional. It is only needed if the protocol of the external and internal URI are different. -->
<!-- <jndiEntry jndiName="ibm.appcenter.proxy.protocol" value='"http"'/> -->
<!-- The hostname of the application resources URI. -->
<!-- <jndiEntry jndiName="ibm.appcenter.proxy.host" value='"proxyhost"'/> -->
<!-- The port of the application resources URI. This property is optional. -->
<!-- <jndiEntry jndiName="ibm.appcenter.proxy.port" value="proxyport"/> -->
<!-- Declare the jar files for Oracle access through JDBC. -->
<library id="OracleLib">
<fileset dir="${shared.resource.dir}/oracle" includes="*.jar"/>
</library>
<!-- Declare the IBM Application Center database. -->
<dataSource jndiName="jdbc/AppCenterDS" transactional="false">
<jdbcDriver libraryRef="OracleLib"/>
<properties.oracle driverType="thin" URL="jdbc:oracle:thin:@xx.xxx.xx.xx:xxxx:x" user="x" password="xxx"/>
</dataSource>
<!-- End of configuration added by IBM MobileFirst installer. -->
請上傳您的server.xml –
@VivinK,上傳server.xml。請幫助任何想法? –
請確認 - 是否在控制檯中配置密鑰庫(使用後端的公共證書),使用JS適配器而不使用Java適配器,還是使用相同的結果? –