gpt4 book ai didi

java - 使用 CXF 生成的客户端在 weblogic 12c 中使用 Web 服务时出现 SSL 异常

转载 作者:太空宇宙 更新时间:2023-11-03 14:51:43 24 4
gpt4 key购买 nike

我在 Weblogic 12.1.3.0.3 中有一个支持 CXF 2.7.18 的 SOAP WebService 客户端。在 WebService Proxy Client 创建期间进行 SSL 检查并通过。但是在实际的方法调用期间,我遇到了 SSL 异常(如下)。

如果我以显式/编程方式添加具有 Weblogic trustStore 路径的属性或添加到 cxf.xml trustManager 标记中,一切正常,因此看起来 CXF 服务在实际调用期间不使用某些带有填充证书的 Weblogic API。

set JAVA_OPTIONS=%JAVA_OPTIONS% -Djavax.net.ssl.trustStore=C:\<...>\wlserver\server\lib\DemoTrust.jks -Djavax.net.ssl.trustStorePassword=DemoTrustKeyStorePassPhrase
@Rem -Djavax.net.ssl.keyStore=C:\<...>\wlserver\server\lib\DemoTrust.jks -Djavax.net.ssl.keyStorePassword=DemoTrustKeyStorePassPhrase

这是我的 cxf.xml 文件。当我取消注释指向我的 weblogic DemoTrust.jks 消息的自定义信任管理器时,会发送消息,否则我会收到异常。

<http-conf:conduit name="*.http-conduit">
<http-conf:client Connection="Keep-Alive"
ConnectionTimeout="300000"
ReceiveTimeout="10800000"
CacheControl="no-cache"/>
<http-conf:tlsClientParameters disableCNCheck="true" >
<!--<sec:trustManagers >
<sec:keyStore type="JKS" password="DemoTrustKeyStorePassPhrase"
file="C:\...\wlserver\server\lib\DemoTrust.jks"/>
</sec:trustManagers>-->
</http-conf:tlsClientParameters>
</http-conf:conduit>

我也尝试过 useHttpsURLConnectionDefaultSslSocketFactory="true" 但无济于事。

我也试过使用 Weblogic 服务器 SSL 选项。

我也看过这样的东西,我无法弄清楚如何在 Weblogic 中使用它: How to set up Apache CXF client to use WebSphere truststore? (Receiving "No trusted certificate found" exception.)

这是我的 weblogic-application.xml:

<?xml version="1.0" encoding="UTF-8"?>
<weblogic-application
xmlns="http://www.bea.com/ns/weblogic/weblogic-application" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.bea.com/ns/weblogic/weblogic-application http://www.bea.com/ns/weblogic/weblogic-application/1.0/weblogic-application.xsd">
<prefer-application-packages>
<package-name>org.apache.log4j.*</package-name>
<package-name>org.apache.commons.lang.*</package-name>
</prefer-application-packages>

<!--<prefer-application-packages>
<package-name>org.apache.log4j.*</package-name>
<package-name>org.apache.commons.lang.*</package-name>
<package-name>org.apache.cxf.common.jaxb.*</package-name>
<package-name>com.ctc.wstx.*</package-name>
<package-name>javax.wsdl.*</package-name>
<package-name>org.apache.cxf.*</package-name>
</prefer-application-packages>-->

</weblogic-application>

这本身就是一个异常(exception):

Nov 18, 2015 3:37:24 PM org.apache.cxf.phase.PhaseInterceptorChain doDefaultLogging
WARNING: Interceptor for <Service Method Contract> has thrown exception, unwinding now
org.apache.cxf.interceptor.Fault: Could not send Message.
at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:64)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)
at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:572)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:481)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:382)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:335)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:136)
at com.sun.proxy.$Proxy293.getTaxonomyBasicInformation(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
<Business methods calls>
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at com.google.gwt.user.server.rpc.RPC.invokeAndEncodeResponse(RPC.java:561)
at com.google.gwt.user.server.rpc.RemoteServiceServlet.processCall(RemoteServiceServlet.java:265)
at com.db.fdw.common.gxt.web.server.DefaultRemoteServiceServlet.processCall(DefaultRemoteServiceServlet.java:71)
at com.google.gwt.user.server.rpc.RemoteServiceServlet.processPost(RemoteServiceServlet.java:305)
at com.google.gwt.user.server.rpc.AbstractRemoteServiceServlet.doPost(AbstractRemoteServiceServlet.java:62)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:751)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:844)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:280)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:254)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:136)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:346)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:25)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:79)
at com.db.fdw.dbent.api.FdwAuthFilter.doFilter(FdwAuthFilter.java:35)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:79)
at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:79)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3436)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3402)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.servlet.provider.WlsSubjectHandle.run(WlsSubjectHandle.java:57)
at weblogic.servlet.internal.WebAppServletContext.doSecuredExecute(WebAppServletContext.java:2285)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2201)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2179)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1572)
at weblogic.servlet.provider.ContainerSupportProviderImpl$WlsRequestExecutor.run(ContainerSupportProviderImpl.java:255)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:311)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:263)
Caused by: javax.net.ssl.SSLHandshakeException: SSLHandshakeException invoking https:<Service URL> sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.c
ertpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:526)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.mapException(HTTPConduit.java:1346)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1330)
at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56)
at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:632)
at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
... 56 more
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to
requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1884)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1341)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:153)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:804)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323)
at weblogic.net.http.HttpsClient.New(HttpsClient.java:568)
at weblogic.net.http.HttpsClient.New(HttpsClient.java:539)
at weblogic.net.http.HttpsURLConnection.connect(HttpsURLConnection.java:248)
at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:636)
at weblogic.net.http.SOAPHttpsURLConnection.getInputStream(SOAPHttpsURLConnection.java:37)
at weblogic.net.http.HttpURLConnection.getResponseCode(HttpURLConnection.java:1444)
at org.apache.cxf.transport.http.URLConnectionHTTPConduit$URLConnectionWrappedOutputStream.getResponseCode(URLConnectionHTTPConduit.java:266)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.doProcessResponseCode(HTTPConduit.java:1550)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:1579)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1520)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1317)
... 59 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
at sun.security.validator.Validator.validate(Validator.java:260)
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1323)
... 77 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:268)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380)
... 83 more

请提供任何想法/帮助,将不胜感激。

最佳答案

需要在JDK安全中导入证书。按照以下 2 步完成。

  • Step-1 Goto Below java security 目录

/path/to/java/jdk/jre/lib/security

  • Step-2 运行以下命令

keytool -import -keystore cacerts -file /path/to/your/cert.cer

关于java - 使用 CXF 生成的客户端在 weblogic 12c 中使用 Web 服务时出现 SSL 异常,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/33783978/

24 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com