1. 首頁
  2. 問答
  3. SSLHandshakeException使用t3s weblogic

SSLHandshakeException使用t3s weblogic

2014-02-26 102 views
3

我已經完成t3s設置和配置它。現在,當我嘗試撥打電話時,會得到異常情況。請幫助傢伙。SSLHandshakeException使用t3s weblogic

是否嘗試過的URL提到steps Enterprise Software Development with Java: WebLogic Server SSL (https/t3s) and Java Web Start

以及下面的代碼列爲按照Configuring Transport-Level Security

System.setProperty("weblogic.security.SSL.ignoreHostnameVerification","true"); 
System.setProperty("java.protocol.handler.pkgs", "weblogic.net"); 
System.setProperty("weblogic.security.TrustKeyStore","CustomTrust"); 
System.setProperty("weblogic.security.CustomTrustKeyStoreFileName","TRUST_STORE_LOCATION"); 
System.setProperty("weblogic.security.CustomTrustKeyStorePassPhrase","TRUST_STORE_PASSWORD"); 
System.setProperty("weblogic.security.CustomTrustKeyStoreType","JKS");

例外:

[java] <Feb 25, 2014 1:14:22 AM EST> <Info> <Security> <BEA-090905> <Disabling the CryptoJ JCE Provider self-integrity check for better startup performance. To enable this check, specify -Dweblogic.security.allowCryptoJDefaultJCEVerification=true.> 
[java] <Feb 25, 2014 1:14:22 AM EST> <Info> <Security> <BEA-090906> <Changing the default Random Number Generator in RSA CryptoJ from ECDRBG to FIPS186PRNG. To disable this change, specify -Dweblogic.security.allowCryptoJDefaultPRNG=true.> 
[java] <Feb 25, 2014 1:14:22 AM EST> <Info> <Security> <BEA-090908> <Using the default WebLogic SSL Hostname Verifier implementation.> 
[java] 
[java] TYPE_PARAM = ERROR 
[java] CODE_PARAM = null 
[java] MESSAGE_PARAM = null 
[java] 
[java] 
[java] at junit.extensions.jfunc.SALQATestCase.runBare(SALQATestCase.java:111) 
[java] at junit.extensions.jfunc.SALQATestCase$1.protect(SALQATestCase.java:96) 
[java] at junit.framework.TestResult.runProtected(TestResult.java:124) 
[java] at junit.extensions.jfunc.SALQATestCase.run(SALQATestCase.java:99) 
[java] at junit.framework.TestSuite.runTest(TestSuite.java:208) 
[java] at junit.framework.TestSuite.run(TestSuite.java:203) 
[java] at junit.extensions.jfunc.textui.SALQARunner.doRun(SALQARunner.java:69) 
[java] at junit.extensions.jfunc.textui.SALQARunner.run(SALQARunner.java:314) 
[java] Caused by: javax.naming.CommunicationException [Root exception is java.net.ConnectException: t3s://xxxxxxxxxx.com:7002: Destination xx.xx.xx.xx, 7002 unreachable; nested exception is: 
[java] javax.net.ssl.SSLHandshakeException: General SSLEngine problem; No available router to destination] 
[java] at weblogic.jndi.internal.ExceptionTranslator.toNamingException(ExceptionTranslator.java:40) 
[java] at weblogic.jndi.WLInitialContextFactoryDelegate.toNamingException(WLInitialContextFactoryDelegate.java:808) 
[java] at weblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialContextFactoryDelegate.java:363) 
[java] at weblogic.jndi.Environment.getContext(Environment.java:319) 
[java] at weblogic.jndi.Environment.getContext(Environment.java:288) 
[java] at weblogic.jndi.WLInitialContextFactory.getInitialContext(WLInitialContextFactory.java:117) 
[java] at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667) 
[java] at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288) 
[java] at javax.naming.InitialContext.init(InitialContext.java:223) 
[java] at javax.naming.InitialContext.<init>(InitialContext.java:197) 
[java] 
[java] Caused by: java.net.ConnectException: t3s://xxxxxxxxxx.com:7002: Destination xx.xx.xx.xx, 7002 unreachable; nested exception is: 
[java] javax.net.ssl.SSLHandshakeException: General SSLEngine problem; No available router to destination 
[java] at weblogic.rjvm.RJVMFinder.findOrCreateInternal(RJVMFinder.java:216) 
[java] at weblogic.rjvm.RJVMFinder.findOrCreate(RJVMFinder.java:169) 
[java] at weblogic.rjvm.ServerURL.findOrCreateRJVM(ServerURL.java:165) 
[java] at weblogic.jndi.WLInitialContextFactoryDelegate$1.run(WLInitialContextFactoryDelegate.java:342) 
[java] at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363) 
[java] at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146) 
[java] at weblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialContextFactoryDelegate.java:337) 
[java] ... 21 more 
[java] Caused by: java.rmi.ConnectException: Destination xx.xx.xx.xx, 7002 unreachable; nested exception is: 
[java] javax.net.ssl.SSLHandshakeException: General SSLEngine problem; No available router to destination 
[java] at weblogic.rjvm.ConnectionManager.bootstrap(ConnectionManager.java:490) 
[java] at weblogic.rjvm.ConnectionManager.bootstrap(ConnectionManager.java:328) 
[java] at weblogic.rjvm.RJVMManager.findOrCreateRemoteInternal(RJVMManager.java:267) 
[java] at weblogic.rjvm.RJVMManager.findOrCreate(RJVMManager.java:204) 
[java] at weblogic.rjvm.RJVMFinder.findOrCreateRemoteServer(RJVMFinder.java:238) 
[java] at weblogic.rjvm.RJVMFinder.findOrCreateInternal(RJVMFinder.java:200)

在netstat的獲得的文章。我在聽模式中看到7002。這不正確嗎?

$ netstat -tulpn | grep :7002 
(Not all processes could be identified, non-owned process info 
will not be shown, you would have to be root to see it all.) 
tcp  0  0 xxxxxxxxxxxxxxxxxxxxxx:7002 :::*      LISTEN  25657/java 
tcp  0  0 ::xxxx:127.0.0.1:7002  :::*      LISTEN  25657/java 
tcp  0  0 xxxx::xxxxxxxxxxxxxxxx:7002 :::*      LISTEN  25657/java 
tcp  0  0 ::xxxx:xx.xxx.xx.xx:7002 :::*      LISTEN  25657/java

來源

2014-02-26 Prateek Agarwal

+0

它看起來像Weblogic拋出一個完全不合適的SSLHandshakeException,當它應該拋出一個ConnectException,但'目標不可達'的部分不 你明白? – EJP

回答

0

你所得到的錯誤不是SSLHandshake錯誤,它說

「java.net.ConnectException:T3S://xxxxxxxxxx.com:7002:目標XX.XX.XX.XX, 7002無法訪問「

1)檢查您提供的網址。

2)你認爲DNS端口

3)確保沒有防火牆阻止請求上一個telnet。

4)如果7002如果你的管理服務器的端口(我假設你只有一臺服務器在域中),然後嘗試訪問https://DNS:7002/console,看看是否先加載罰款。

來源

2014-02-26 12:02:48 SridharS

+0

netstat -tulpn | grep:7002被列爲LISTEN。這不正確嗎? –

6

SSL錯誤通常會引起誤解。 SSLHandshakeException通常是一個證書問題(SSL連接無法驗證爲可信)。

您的服務器很可能使用自簽名證書簽名,該證書通常需要添加到cacerts密鑰庫以允許SSL信任它。即您需要將來自Weblogic服務器的SSL證書添加到您的JDK/JRE密鑰庫中。看到答案(縣)這個問題:

How to properly import a selfsigned certificate into Java keystore that is available to all Java applications by default

如果你是在UNIX上,在上述工作的聯繫,-是命令。如果你在windows上,你需要的所有UNIX實用程序(openssl,sed)都祕密地包含在GIT的安裝中,或者你可以使用cygwin。我所要做的只是使用openssl獲取證書,然後使用keytool(JDK的一部分)將其添加到我的JDK的cacerts文件中。 (%JAVA_HOME%\ jre \ lib \ security \ cacerts)

注意:如果您將證書導入到〜/ .keystore(在windows:%userprofile%上)。密鑰庫)文件,它仍然會失敗,但你可能會得到不同的異常:

javax.net.ssl.SSLHandshakeException: General SSLEngine problem; No available router to destination

一旦連接成功,它看起來就像這樣:

Connecting to t3s://*********:7001 with userid ********... 
<Jul 23, 2014 4:00:25 PM EDT> <Info> <Security> <BEA-090905> <Disabling the CryptoJ JCE Provider self-integrity check for better startup performance. To enable this check, specify -Dweblogic.security.allowCryptoJDefaultJCEVerification=true.> 
<Jul 23, 2014 4:00:25 PM EDT> <Info> <Security> <BEA-090906> <Changing the default Random Number Generator in RSA CryptoJ from ECDRBG to FIPS186PRNG. To disable this change, specify -Dweblogic.security.allowCryptoJDefaultPRNG=true.> 
<Jul 23, 2014 4:00:25 PM EDT> <Info> <Security> <BEA-090908> <Using the default WebLogic SSL Hostname Verifier implementation.> 
Successfully connected to Admin Server "AdminServer" that belongs to domain "******".

另一個相關的職位上檢索並添加一個SSL密鑰(通過Java):Java keytool easy way to add server cert from url/port

來源

2014-07-23 20:21:50

相關問題

 相關問題