Windows 7和Solaris之間的Java Truststore差異（Mule 3.3）

Question

我有兩個模塊，我寧願在同一個JVM中運行。兩者都使用 Mule 3.3，並且都需要將https連接到特定的外部服務。

模塊A使用特定的https連接器：

<https:connector name="proxiedHttpsConnector"> 
    <spring:property name="proxyHostname" value="${feeds.proxy.server}"/> 
    <spring:property name="proxyPort" value="${feeds.proxy.port}"/> 
    <https:tls-server path="security/modulea_store" storePassword="thesecretpassowrd"/> 
</https:connector> 

模塊B使用使用com.sun.jersey.client.apache.ApacheHttpClient第三方代碼（V 1.6）。模塊B已被修改爲通過相同的代理工作。

在Windows 7測試模塊B使用jdk1.6.0_27我收到以下異常：

ERROR 2012-05-09 10:02:39,585 [VideoAvailable.stage1.02] org.mule.exception.DefaultMessagingExceptionStrategy: 
******************************************************************************** 
Message    : Component that caused exception is: DefaultJavaComponent{VideoAvailable.commponent.414853995}. Message payload is of type: VideoEvent 
Code     : MULE_ERROR--2 
-------------------------------------------------------------------------------- 
Exception stack is: 
1. unable to find valid certification path to requested target (sun.security.provider.certpath.SunCertPathBuilderException) 
    sun.security.provider.certpath.SunCertPathBuilder:174 (null) 
2. PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target (sun.security.validator.ValidatorException) 
    sun.security.validator.PKIXValidator:323 (null) 
3. sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target (javax.net.ssl.SSLHandshakeException) 
    com.sun.net.ssl.internal.ssl.Alerts:174 (http://java.sun.com/j2ee/sdk_1.3/techdocs/api/javax/net/ssl/SSLHandshakeException.html) 
4. javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target (com.sun.jersey.api.client.ClientHandlerException) 
    com.sun.jersey.client.apache.DefaultApacheHttpMethodExecutor:213 (null) 
5. Component that caused exception is: DefaultJavaComponent{VideoAvailable.commponent.414853995}. Message payload is of type: VideoEvent (org.mule.component.ComponentException) 
    org.mule.component.DefaultComponentLifecycleAdapter:359 (http://www.mulesoft.org/docs/site/current3/apidocs/org/mule/component/ComponentException.html) 
-------------------------------------------------------------------------------- 
Root Exception stack trace: 
sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target 
    at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174) 
    at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238) 
    at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:318) 
    + 3 more (set debug level logging or '-Dmule.verbose.exceptions=true' for everything) 
******************************************************************************** 

我可以添加證書連接到模塊B的遠程服務模塊A的信任和兩個模塊正常工作在Windows 7

是運行在SunOS 5.10上相同配置的JRE 1.6.0_06運行（我知道這是舊的）， 產生以下錯誤：

2012/05/08 17:42:32 | ERROR 2012-05-08 17:42:32,265 [VideoAvailable.stage1.04] org.mule.exception.DefaultMessagingExceptionStrategy: 
2012/05/08 17:42:32 | ******************************************************************************** 
2012/05/08 17:42:32 | Message    : Component that caused exception is: DefaultJavaComponent{VideoAvailable.commponent.6015177}. Message payload is of type: VideoEvent 
2012/05/08 17:42:32 | Code     : MULE_ERROR--2 
2012/05/08 17:42:32 | -------------------------------------------------------------------------------- 
2012/05/08 17:42:32 | Exception stack is: 
2012/05/08 17:42:32 | 1. the trustAnchors parameter must be non-empty (java.security.InvalidAlgorithmParameterException) 
2012/05/08 17:42:32 | java.security.cert.PKIXParameters:183 (null) 
2012/05/08 17:42:32 | 2. Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty (java.lang.RuntimeException) 
2012/05/08 17:42:32 | sun.security.validator.PKIXValidator:59 (null) 
2012/05/08 17:42:32 | 3. java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty (javax.net.ssl.SSLException) 
2012/05/08 17:42:32 | com.sun.net.ssl.internal.ssl.Alerts:190 (http://java.sun.com/j2ee/sdk_1.3/techdocs/api/javax/net/ssl/SSLException.html) 
2012/05/08 17:42:32 | 4. javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty (com.sun.jersey.api.client.ClientHandlerException) 
2012/05/08 17:42:32 | com.sun.jersey.client.apache.DefaultApacheHttpMethodExecutor:213 (null) 
2012/05/08 17:42:32 | 5. Component that caused exception is: DefaultJavaComponent{VideoAvailable.commponent.6015177}. Message payload is of type: VideoEvent (org.mule.component.ComponentException) 
2012/05/08 17:42:32 | org.mule.component.DefaultComponentLifecycleAdapter:359 (http://www.mulesoft.org/docs/site/current3/apidocs/org/mule/component/ComponentException.html) 
2012/05/08 17:42:32 | -------------------------------------------------------------------------------- 
2012/05/08 17:42:32 | Root Exception stack trace: 
2012/05/08 17:42:32 | java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty 
2012/05/08 17:42:32 | at java.security.cert.PKIXParameters.setTrustAnchors(PKIXParameters.java:183) 
2012/05/08 17:42:32 | at java.security.cert.PKIXParameters.<init>(PKIXParameters.java:103) 
2012/05/08 17:42:32 | at java.security.cert.PKIXBuilderParameters.<init>(PKIXBuilderParameters.java:87) 
2012/05/08 17:42:32 |  + 3 more (set debug level logging or '-Dmule.verbose.exceptions=true' for everything) 
2012/05/08 17:42:32 | ******************************************************************************** 

兩者都可以在Windows 7和SunOS上獨立運行。兩者在Windows 7上運行良好。 兩者在SunOS上都不兼容。另外，將模塊B所需的證書添加到 /NFL/ESB/apps/jdk1.6.0_06/jre/lib/security/cacerts並彈起Mule並沒有幫助。我也嘗試將我的Windows 7 JDK配置爲指向SunOS cacerts的副本（用於默認值），並且不會重現Sun錯誤。

Answer 1

是否有可能使用「\」作爲路徑分隔符，從而在SunOS上失敗？

Answer 2

我能夠重新配置模塊A使用默認的信任存儲區：

<https:connector name="proxiedHttpsConnector" 
    http:proxyHostname="${feeds.proxy.server}" 
    http:proxyPort="${feeds.proxy.port}"/> 

，然後讓這兩個模塊一起運行。

就主要目標而言，這可以正常工作。我從未完全解決了Windows 7和Solaris之間不同的信任存儲初始化路徑 ，但花費了足夠的時間解決這個問題，我需要繼續前進。