gpt4 book ai didi

java - 启用 2 路 SSL 的端点的 handshake_failure

转载 作者:太空宇宙 更新时间:2023-11-03 13:05:21 30 4
gpt4 key购买 nike

我一直在尝试连接到启用了 2 路 SSL 的服务端点。我正在使用 Spring resttemplate。我已将证书添加到 keystore 中,但出现以下错误:

>org.springframework.web.client.ResourceAccessException: I/O error on POST request for "path":Received fatal alert: handshake_failure; nested exception is javax.net.ssl.SSLException: Received fatal alert: handshake_failure
I enabled the SSL debus logs and in the logs I can see the warning as well:
<BEA-000000> <Warning: no suitable certificate found - continuing without client authentication>

相同的代码在我的 DEV 服务器上使用相同的实现工作正常,但在 UAT 服务器上不起作用,但在 UAT 服务器上,同一端点上的 REST 调用工作正常(这也是启用 2 路 SSL)。下面是我用于 SOAP 和 REST 调用的代码:休息:

ObjectMapper mapper = new ObjectMapper();
ServReqRespLogMgr reqRespLogMgr = (ServReqRespLogMgr)UtilityMgr.getBean("servReqRespLogMgr");
SSLContext sc = SSLContext.getInstance(StringUtils.trimToEmpty(PropertyUtil.getProperty("SSL_CONTEXT")));
PasswordEncryptor pe = new PasswordEncryptor();
KeyManagerFactory factory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());

KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(new FileInputStream(PropertyUtil.getProperty("JKS_LOC_VALUE")), pe.decrypt(PropertyUtil.getProperty(IConstants.JKS_PWD_VALUE)).toCharArray());

factory.init(keyStore, pe.decrypt(PropertyUtil.getProperty(IConstants.JKS_PWD_VALUE)).toCharArray());

sc.init(factory.getKeyManagers(), null, null);
CloseableHttpClient httpClient = HttpClients.custom().setSSLContext(sc).build();
ClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(httpClient);

RestTemplate restTemplate = new RestTemplate(requestFactory);
HttpHeaders headers = new HttpHeaders();

肥皂:

BindingProvider bindingProvider = (BindingProvider) services;
bindingProvider.getRequestContext().put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, filenetWsUrl);
Map<String, List<String>> headers = new HashMap<String, List<String>>();
headers.put("X-APPCERT", Arrays.asList(StringUtils.trimToEmpty(PropertyUtil.getProperty("FILENET_APP_CERT"))));
bindingProvider.getRequestContext().put(MessageContext.HTTP_REQUEST_HEADERS,headers);
bindingProvider.getRequestContext().put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, filenetWsUrl);
SSLContext sc = SSLContext.getInstance(StringUtils.trimToEmpty(PropertyUtil.getProperty("SSL_CONTEXT")));

KeyManagerFactory factory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());

KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(new FileInputStream(PropertyUtil.getProperty("JKS_LOC_VALUE")), jksPwd);

factory.init(keyStore, jksPwd);


sc.init(factory.getKeyManagers(), null, null);

//sc.init(factory.getKeyManagers(), null, null);
//End Trust Store

((BindingProvider) services).getRequestContext().put(JAXWSProperties.SSL_SOCKET_FACTORY, sc.getSocketFactory());

我检查了看起来不错的 keystore 文件的权限。如果我切换到一种方式的 SSL 端点,那么它也可以正常工作。我的 Java 运行时是 1.8.0_144,我的应用服务器是 WebLogic 12.2.1.3。

谁能帮我解决这个问题?

最佳答案

以下是您必须检查的几项内容。

  1. 检查您的证书链是否已正确创建。
  2. 将您的证书添加到 CACERTS 文件并将 weblogic 配置为指向 CACERTS 文件。

这绝对可以解决您的问题。

关于java - 启用 2 路 SSL 的端点的 handshake_failure,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/51599817/

30 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com