gpt4 book ai didi

javax.net.ssl.SSLHandshakeException : Received fatal alert: unknown_ca

转载 作者:搜寻专家 更新时间:2023-11-01 04:07:42 26 4
gpt4 key购买 nike

我必须通过 SSL 双重身份验证连接到服务器。我已将自己的私钥和证书添加到 keystore.jks 并将服务器的自签名证书添加到 truststore.jks,这两个文件都复制到/usr/分享/tomcat7。我的代码使用的套接字工厂由以下提供商提供:

@Singleton
public static class SecureSSLSocketFactoryProvider implements Provider<SSLSocketFactory> {
private SSLSocketFactory sslSocketFactory;

public SecureSSLSocketFactoryProvider() throws RuntimeException {
try {
final KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
final InputStream trustStoreFile = new FileInputStream("/usr/share/tomcat7/truststore.jks");
trustStore.load(trustStoreFile, "changeit".toCharArray());
final TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(trustStore);

final KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
final InputStream keyStoreFile = new FileInputStream("/usr/share/tomcat7/keystore.jks");
keyStore.load(keyStoreFile, "changeit".toCharArray());
final KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(keyStore, "changeit".toCharArray());

final SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);

this.sslSocketFactory = sslContext.getSocketFactory();

} catch (final KeyStoreException e) {
Log.error("Key store exception: {}", e.getMessage(), e);
} catch (final CertificateException e) {
Log.error("Certificate exception: {}", e.getMessage(), e);
} catch (final UnrecoverableKeyException e) {
Log.error("Unrecoverable key exception: {}", e.getMessage(), e);
} catch (final NoSuchAlgorithmException e) {
Log.error("No such algorithm exception: {}", e.getMessage(), e);
} catch (final KeyManagementException e) {
Log.error("Key management exception: {}", e.getMessage(), e);
} catch (final IOException e) {
Log.error("IO exception: {}", e.getMessage(), e);
}
}

@Override
public SSLSocketFactory get() {
return sslSocketFactory;
}
}

当我尝试连接到服务器上的端点时,出现以下异常:

javax.net.ssl.SSLHandshakeException: Received fatal alert: unknown_ca
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) ~[na:1.7.0_45]
at sun.security.ssl.Alerts.getSSLException(Alerts.java:154) ~[na:1.7.0_45]
at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1959) ~[na:1.7.0_45]
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1077) ~[na:1.7.0_45]
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312) ~[na:1.7.0_45]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339) ~[na:1.7.0_45]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323) ~[na:1.7.0_45]
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563) ~[na:1.7.0_45]
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) ~[na:1.7.0_45]
at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:153) ~[na:1.7.0_45]

知道我错过了什么吗?

最佳答案

如果您从服务器收到警告 unknown_ca ,那么服务器不喜欢您作为客户端证书发送的证书,因为它不是由受信任的 CA 签名的客户端证书的服务器。

关于javax.net.ssl.SSLHandshakeException : Received fatal alert: unknown_ca,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/28958514/

26 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com