1
我想爲本地開發安裝jetty maven插件,但我堅持信任LDAP服務器的SSL,我使用Spring安全進行身份驗證。碼頭插件&SSL信任
我試着用truststore創建SSL連接器,但是我仍然在登錄時得到綁定異常。
<Call name="addConnector">
<Arg>
<New class="org.eclipse.jetty.server.ssl.SslSelectChannelConnector">
<Arg>
<New class="org.eclipse.jetty.http.ssl.SslContextFactory">
<Set name="keyStore">servers/jetty/jetty.jks</Set>
<Set name="keyStorePassword">password</Set>
<Set name="keyManagerPassword">password</Set>
<Set name="trustStore">servers/trust.jks</Set>
<Set name="trustStorePassword">password</Set>
</New>
</Arg>
<Set name="port">443</Set>
<Set name="maxIdleTime">30000</Set>
</New>
</Arg>
</Call>
這是例外:
simple bind failed: host:port; nested exception is javax.naming.CommunicationException: simple bind failed: host:port [Root exception is javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.g: PKIX path building failed: java.security.cert.CertPathBuilderException: PKIXCertPathBuilderImpl could not build a valid CertPath.; internal cause is: java.security.cert.CertPathValidatorException: The certificate issued by ROOT CA is not trusted; internal cause is: java.security.cert.CertPathValidatorException: Certificate chaining error]
好像信任存儲用於將連接器被限制爲傳入的SSL連接。無論如何,這與碼頭工作?