spring - 带有 Jersey for SSL 的 ApacheConnectorProvider 抛出错误-6ren

spring - 带有 Jersey for SSL 的 ApacheConnectorProvider 抛出错误

转载作者：太空宇宙更新时间：2023-11-03 12:59:14

我正在尝试使用 SSL URL 发布服务调用。我遇到异常。

javax.ws.rs.ProcessingException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at org.glassfish.jersey.apache.connector.ApacheConnector.apply(ApacheConnector.java:517)
    at org.glassfish.jersey.client.ClientRuntime.invoke(ClientRuntime.java:246)
    at org.glassfish.jersey.client.JerseyInvocation$1.call(JerseyInvocation.java:667)
    at org.glassfish.jersey.client.JerseyInvocation$1.call(JerseyInvocation.java:664)
    at org.glassfish.jersey.internal.Errors.process(Errors.java:315).

我正在使用 Spring、Jersey 并尝试使用 ApacheClient(使用原因，在 Weblogic 上它采用 Weblogic 特定的 HTTP 处理程序，我知道我们可以使用“DUseSunHttpHandler=true”，但我不想在生产环境中这样做).

请注意，只有 Jersey 实现，它才能在 Tomcat 和 Weblogic 上使用 http。但是对于 HTTPS，它在 Tomcat 中工作，而不是在 Weblogic 中工作。所以去了 ApacheConnectionProvider，从那里它也不能在 Tomcat 中工作。

POM 条目

<dependency>
        <groupId>org.glassfish.jersey.core</groupId>
        <artifactId>jersey-client</artifactId>
        <version>2.15</version>
        <scope>compile</scope>
    </dependency>
    <dependency>
        <groupId>org.glassfish.jersey.core</groupId>
        <artifactId>jersey-common</artifactId>
        <version>2.15</version>
        <scope>compile</scope>
    </dependency>
    <dependency>
        <groupId>javax.ws.rs</groupId>
        <artifactId>javax.ws.rs-api</artifactId>
        <version>2.0.1</version>
        <scope>compile</scope>
    </dependency>
    <dependency>
        <groupId>org.apache.httpcomponents</groupId>
        <artifactId>httpclient</artifactId>
        <version>4.4</version>
    </dependency>
    <dependency>
        <groupId>org.glassfish.jersey.connectors</groupId>
        <artifactId>jersey-apache-connector</artifactId>
        <version>2.15</version>
    </dependency>

代码

public Client getClient() {
        ClientConfig clientConfig = new ClientConfig();
        clientConfig.property(ApacheClientProperties.CONNECTION_MANAGER, new PoolingHttpClientConnectionManager());
        //config your ssl for apache connector
        SslConfigurator sslConfig = SslConfigurator.newInstance();

        String trustStoreFile = "C:\\Development\\svn\\ecomm-webapp\\profiles\\uat\\workflowtrust.jks";
        String trustStorePassword ="ABC12";
        String keyStoreFile = "C:\\Development\\svn\\ecomm-webapp\\profiles\\uat\\workflow.jks";
        String keyPassword ="abc12";
        sslConfig.trustStoreFile(trustStoreFile).keyStoreFile(keyStoreFile).keyStorePassword(trustStorePassword).trustStorePassword(trustStorePassword).securityProtocol("SSL");
        clientConfig.property(ApacheClientProperties.SSL_CONFIG, sslConfig);
        ApacheConnectorProvider connector = new ApacheConnectorProvider();
        clientConfig.connectorProvider(connector);

        return  ClientBuilder.newClient(clientConfig);
    }

调用代码

public <T> T postXmlFile(final File inputXml, final String targetUrl, Class<T> resultResponse, final RestfulServiceVerifier<T> restfulServiceVerifier) throws FunctionalException {
        return post(MediaType.APPLICATION_XML_TYPE, MediaType.TEXT_XML_TYPE, inputXml, targetUrl, resultResponse, restfulServiceVerifier);
    }

    private <T> T post(final MediaType type, final MediaType accept, final Object entity, final String targetUrl, Class<T> resultResponse, final RestfulServiceVerifier<T> restfulServiceVerifier) throws FunctionalException {
        Response response = null;
        int responseStatus = -1;
        T result = null;
        while (restfulServiceVerifier.hasNextWorkFlowHit()) {
            try {
                response = restFulWebTargetFactory.getClient().target(targetUrl)
                        .request(type)
                        .post(Entity.entity(entity, accept));

                responseStatus = response.getStatus();
                if(EcommConstants.WORKFLOW_ORDER_PROPOSAL_SUCCESS_CODE == responseStatus) {
                    final String resultInString =  response.readEntity(String.class);
                    //for audit purpose
                    if (LOG_XML_MESSAGE) {
                        log.info("XML Response "+ resultInString);
                    }
                    result = unMarshalXML(resultInString, resultResponse);
                    restfulServiceVerifier.checkResponse(result, responseStatus);
                }

            } catch (WorkFlowRetryException workFlowException) {
                throw new FunctionalException("WebService post failed. ", workFlowException);
            }catch (WorkFlowValidationException workFlowValidationException) {
                log.error("Service Response Validation Exception " + workFlowValidationException.getErrorCode() + " Error Description " + workFlowValidationException.getDescription(), workFlowValidationException);
            }catch (final Exception e) {
                log.error("Exception occurred" , e);
            } finally {
                if(null != response) {
                    response.close();
                }
            }
        }
        if(-1 == responseStatus) {
            throw new FunctionalException("WebService post failed. ", new Exception());
        }
        return result;
    }

最佳答案

我修好了，请找到解决方案。我更改了 getClient() 方法。

我创建了 org.apache.http.conn.ssl.DefaultHostnameVerifier。这是我更改的代码片段。DefaultHostnameVerifier(我只需要默认的)
使用信任库和 key 配置文件配置 SslConfigurator
创建 LayeredConnectionSocketFactory 并从 SslConfigurator 和 defaultHostnameVerifier 注入(inject) SSLContext
为 http 和 https 创建了一个注册表
创建 ClientConfig 以使用注入(inject)注册表的 PoolingHttpClientConnectionManager 设置连接管理器
并将 SSL Config 设置为 Client Config
创建 ApacheConnectorProvider 并设置为 clientConfig

代码示例

private SslConfigurator createSSLContext() {
        return SslConfigurator.newInstance()
                .trustStoreFile(trustStoreFile)
                .trustStorePassword(trustStorePassword)
                .keyStoreFile(keyStoreFile)
                .keyPassword(keyPassword).securityProtocol("SSL");
    }


    @Override
    public Client getClient() {

        HostnameVerifier defaultHostnameVerifier=new DefaultHostnameVerifier();
        SslConfigurator sslConfig = createSSLContext();
        LayeredConnectionSocketFactory sslSocketFactory = new SSLConnectionSocketFactory(
                sslConfig.createSSLContext(),
                defaultHostnameVerifier);

        final Registry<ConnectionSocketFactory> registry = RegistryBuilder.<ConnectionSocketFactory>create()
                .register("http", PlainConnectionSocketFactory.getSocketFactory())
                .register("https", sslSocketFactory)
                .build();

        ClientConfig clientConfig = new ClientConfig();
        clientConfig.property(ApacheClientProperties.CONNECTION_MANAGER, new PoolingHttpClientConnectionManager(registry));

        clientConfig.property(ApacheClientProperties.SSL_CONFIG, sslConfig);

        ApacheConnectorProvider connector = new ApacheConnectorProvider();
        clientConfig.connectorProvider(connector);
        return ClientBuilder.newBuilder().withConfig(clientConfig).build();
    }

关于spring - 带有 Jersey for SSL 的 ApacheConnectorProvider 抛出错误，我们在Stack Overflow上找到一个类似的问题： https://stackoverflow.com/questions/28649011/

文章推荐： python - Tkinter 动画将不起作用

文章推荐： php - Codeigniter - 设置 SSL 并收到 404 错误

文章推荐： ssl - 字符串.h :29:8: error: expected identifier

文章推荐： python - 将 python 3.x 字典保存到 JSON

java - ApacheConnectorProvider : Jersey Client 2. 5.1
引用:https://jersey.java.net/documentation/latest/user-guide.html#d0e4337 .我正在尝试使用 ApacheConnector 作为
spring - 带有 Jersey for SSL 的 ApacheConnectorProvider 抛出错误
我正在尝试使用 SSL URL 发布服务调用。我遇到异常。 javax.ws.rs.ProcessingException: javax.net.ssl.SSLHandshakeException:

太空宇宙

个人简介

我是一名优秀的程序员,十分优秀！

作者热门文章

滴滴打车优惠券免费领取

全站热门文章

首页

博学

6Ren·AI

商城

spring - 带有 Jersey for SSL 的 ApacheConnectorProvider 抛出错误