0
我正在爲一個會計系統需要包含有關銷售數據的XML文件,將它發送到一個政府服務器的功能,並接收響應消息。您還需要一些證書來確保發件人的真實性。我使用其他人的客戶端來完成加密,調用Web服務,處理證書,接收消息等等的艱苦工作。我只需編寫一個簡單的應用程序來調用該客戶端的函數並將其發送給文件,證書和一些參數。
錯誤
我的應用程序出現了操場服務器上測試時工作正常。但是,當我嘗試使用生產消息生產服務器時(即使生產服務器上的生產消息在2016年12月1日之前不被視爲實際的合法銷售,它們纔剛剛開始),應用程序會拋出一個錯誤,這非常奇怪,因爲任何在晚些時候開發類似應用程序的開發者在發佈應用程序之前都沒有機會發現這個錯誤。
問題
的問題是,錯誤指向某個客戶端的加密/安全庫。我從來沒有處理過任何事情,所以我完全失去了從哪裏開始尋找。最重要的是,這個錯誤似乎相當罕見,我發現的幾個筆記在很大程度上與我的項目無關,或者至少這是他們對我的看法,因爲我對該領域的理解不夠。
以下是堆棧跟蹤。如果有人更熟悉這些圖書館可以指出我的錯在何處,我將非常感激。請詢問您是否需要更多信息/測試。
WARNING: Interceptor for {http://fs.mfcr.cz/eet/schema/v3}EETService#{http://fs.mfcr.cz/eet/schema/v3}OdeslaniTrzby has thrown exception, unwinding now
org.apache.cxf.binding.soap.SoapFault: Error during certificate path validation: No trusted certs found
at org.apache.cxf.ws.security.wss4j.WSS4JUtils.createSoapFault(WSS4JUtils.java:277)
at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessageInternal(WSS4JInInterceptor.java:333)
at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:190)
at cz.tomasdvorak.eet.client.security.SecureEETCommunication$1.handleMessage(SecureEETCommunication.java:135)
at cz.tomasdvorak.eet.client.security.SecureEETCommunication$1.handleMessage(SecureEETCommunication.java:119)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:802)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:1673)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1551)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1348)
at org.apache.cxf.io.CacheAndWriteOutputStream.postClose(CacheAndWriteOutputStream.java:56)
at org.apache.cxf.io.CachedOutputStream.close(CachedOutputStream.java:215)
at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56)
at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:651)
at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:516)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:425)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:326)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:279)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:138)
at com.sun.proxy.$Proxy70.odeslaniTrzby(Unknown Source)
at cz.tomasdvorak.eet.client.EETClientImpl.submitReceipt(EETClientImpl.java:39)
at cz.tomasdvorak.eetdemo.Main.main(Main.java:134)
Caused by: org.apache.wss4j.common.ext.WSSecurityException: Error during certificate path validation: No trusted certs found
at org.apache.wss4j.common.crypto.Merlin.verifyTrust(Merlin.java:877)
at cz.tomasdvorak.eet.client.security.MerlinWithCRLDistributionPointsExtension.verifyTrust(MerlinWithCRLDistributionPointsExtension.java:34)
at org.apache.wss4j.dom.validate.SignatureTrustValidator.verifyTrustInCerts(SignatureTrustValidator.java:108)
at org.apache.wss4j.dom.validate.SignatureTrustValidator.validate(SignatureTrustValidator.java:64)
at org.apache.wss4j.dom.processor.SignatureProcessor.handleToken(SignatureProcessor.java:185)
at org.apache.wss4j.dom.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:428)
at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessageInternal(WSS4JInInterceptor.java:278)
... 23 more