gpt4 book ai didi

web-services - java webservice客户端中的握手异常

转载 作者:太空宇宙 更新时间:2023-11-03 12:42:07 25 4
gpt4 key购买 nike

我正在尝试为安全的 https 连接实现一个网络客户端。我导入了服务器证书并将其添加到 java keystore 中。但是当我尝试运行客户端时出现以下异常:--

Oct 18, 2013 3:25:25 PM org.apache.cxf.phase.PhaseInterceptorChain doDefaultLogging WARNING: Interceptor for 

{http://tempuri.org/}Service#{http://tempuri.org/}GetUserInformation has thrown exception,
unwinding now org.apache.cxf.interceptor.Fault: Could not send Message.
at
org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:64)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)
at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:565)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:474)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:377)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:330)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:135)
at $Proxy29.getUserInformation(Unknown Source)
at
org.tempuri.ServiceSoap_ServiceSoap_Client.main(ServiceSoap_ServiceSoap_Client.java:78)
Caused by: java.io.IOException: IOException invoking
myurl/**/**/asmx: The https URL hostname does not
match the Common Name (CN) on the server certificate in the client's truststore. Make sure
server certificate is correct, or to disable this check (NOT recommended for production) set the CXF client TLS configuration property "disableCNCheck" to true.
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
at java.lang.reflect.Constructor.newInstance(Unknown Source)
at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.mapException(HTTPConduit.java:1338)
at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1322)
at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56)
at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:627)
at
org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
... 9 more
Caused by: java.io.IOException: The https URL hostname does not match the Common Name (CN)
on the server certificate in the client's truststore. Make sure server certificate is
correct, or to disable this check (NOT recommended for production) set the CXF client TLS
configuration property "disableCNCheck" to true.
at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.onFirstWrite(HTTPConduit.java:1241) at
org.apache.cxf.transport.http.URLConnectionHTTPConduit$URLConnectionWrappedOutputStream.onFirstWrite(URLConnectionHTTPConduit.java:195)
at
org.apache.cxf.io.AbstractWrappedOutputStream.write(AbstractWrappedOutputStream.java:47)
at
org.apache.cxf.io.AbstractThresholdOutputStream.write(AbstractThresholdOutputStream.java:69) at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1295)
... 12 more
Exception in thread "main" javax.xml.ws.WebServiceException: Could not send Message.
at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:146)
at $Proxy29.getUserInformation(Unknown Source)
at
org.tempuri.ServiceSoap_ServiceSoap_Client.main(ServiceSoap_ServiceSoap_Client.java:78)
Caused by: java.io.IOException: IOException invoking
myurl/**/**/asmx: The https URL hostname does not

match the Common Name (CN) on the server certificate in the client's truststore. Make sure

server certificate is correct, or to disable this check (NOT recommended for production) set

the CXF client TLS configuration property "disableCNCheck" to true.
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
at java.lang.reflect.Constructor.newInstance(Unknown Source)
at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.mapException(HTTPConduit.java:1338)
at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1322)
at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56)
at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:627)
at
org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)
at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:565)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:474)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:377)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:330)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:135)
... 2 more
Caused by: java.io.IOException: The https URL hostname does not match the Common Name (CN)
on the server certificate in the client's truststore. Make sure server certificate is
correct, or to disable this check (NOT recommended for production) set the CXF client TLS
configuration property "disableCNCheck" to true.
at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.onFirstWrite(HTTPConduit.java:1241)
at
org.apache.cxf.transport.http.URLConnectionHTTPConduit$URLConnectionWrappedOutputStream.onFirstWrite(URLConnectionHTTPConduit.java:195)
at
org.apache.cxf.io.AbstractWrappedOutputStream.write(AbstractWrappedOutputStream.java:47)
at
org.apache.cxf.io.AbstractThresholdOutputStream.write(AbstractThresholdOutputStream.java:69) at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1295)

谁能帮我解决这个问题。提前致谢...

最佳答案

根据您必须选择的 CXF 客户端类型。如果您有基于 Spring 的客户端配置,则必须将属性添加到您的 http:conduit 配置中:

<http:conduit name="{http://apache.org/hello_world_soap_http}SoapPort.http-conduit">
<http:tlsClientParameters disableCNCheck="true">
<!-- other tls configuration parameters, like trustManagers -->
</http:tlsClientParameters>
</http:conduit>

name 必须与您的 WSDL 中的命名空间和端口名称相匹配。

如果您以编程方式创建客户端,则使用以下代码:

HTTPConduit httpConduit = (HTTPConduit) ClientProxy.getClient(port).getConduit();

TLSClientParameters tlsCP = new TLSClientParameters();
// other TLS/SSL configuration like setting up TrustManagers
tlsCP.setDisableCNCheck(true);
httpConduit.setTlsClientParameters(tlsCP);

其中 port 是您调用的实际客户端代理。

这两个选项都可以在 CXF example that I modified here 中找到。

顺便说一句。在生产环境中使用此属性存在真正的威胁,因此请考虑为生产服务器颁发具有正确 CN 的新证书,而不是依赖于此 hack。

关于web-services - java webservice客户端中的握手异常,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/19448972/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com