gpt4 book ai didi

java - HTTPS 上的 Weblogic 服务器 SSL 问题

转载 作者:太空宇宙 更新时间:2023-11-04 14:55:30 25 4
gpt4 key购买 nike

我使用的是 weblogic 10.3.6,并且我已将应用程序 A 和 B 部署到同一个盒子但不同的服务器实例中。

两台服务器都为 SSL 配置中的双向客户端证书行为选择“未请求客户端证书”。

每次我们重新启动服务器时,它在同一天都工作正常。但是从第二天开始,当应用程序 A 尝试向应用程序 B 调用 https 服务器请求时,我收到以下错误。

Weblogic 服务器日志跟踪:

    <Apr 15, 2014 10:32:34 AM SGT> <Debug> <SecuritySSL> <BEA-000000> <Filtering JSSE SSLSocket> 
<Apr 15, 2014 10:32:34 AM SGT> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.addContext(ctx): 455813>
<Apr 15, 2014 10:32:34 AM SGT> <Debug> <SecuritySSL> <BEA-000000> <SSLSocket will be Muxing>
<Apr 15, 2014 10:32:34 AM SGT> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
<Apr 15, 2014 10:32:34 AM SGT> <Debug> <SecuritySSL> <BEA-000000> <20666515 SSL Version 2 with no padding>
<Apr 15, 2014 10:32:34 AM SGT> <Debug> <SecuritySSL> <BEA-000000> <21699288 SSL3/TLS MAC>
<Apr 15, 2014 10:32:34 AM SGT> <Debug> <SecuritySSL> <BEA-000000> <21699288 received SSL_20_RECORD>
<Apr 15, 2014 10:32:34 AM SGT> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: ClientHelloV2>
<Apr 15, 2014 10:32:34 AM SGT> <Debug> <SecuritySSL> <BEA-000000> <write HANDSHAKE, offset = 0, length = 58>
<Apr 15, 2014 10:32:34 AM SGT> <Debug> <SecuritySSL> <BEA-000000> <write HANDSHAKE, offset = 0, length = 4809>
<Apr 15, 2014 10:32:34 AM SGT> <Debug> <SecuritySSL> <BEA-000000> <write HANDSHAKE, offset = 0, length = 4>
<Apr 15, 2014 10:32:34 AM SGT> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
<Apr 15, 2014 10:32:34 AM SGT> <Debug> <SecuritySSL> <BEA-000000> <21699288 SSL3/TLS MAC>
<Apr 15, 2014 10:32:34 AM SGT> <Debug> <SecuritySSL> <BEA-000000> <21699288 received ALERT>
<Apr 15, 2014 10:32:34 AM SGT> <Debug> <SecuritySSL> <BEA-000000> <NEW ALERT with Severity: FATAL, Type: 46
java.lang.Exception: New alert stack
at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
at com.certicom.tls.record.alert.AlertHandler.handleAlertMessages(Unknown Source)
at com.certicom.tls.record.MessageInterpreter.interpretContent(Unknown Source)
at com.certicom.tls.record.MessageInterpreter.decryptMessage(Unknown Source)
at com.certicom.tls.record.ReadHandler.processRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
at javax.net.ssl.impl.SSLSocketImpl.startHandshake(Unknown Source)
at weblogic.server.channels.DynamicSSLListenThread$1.run(DynamicSSLListenThread.java:130)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
>
<Apr 15, 2014 10:32:34 AM SGT> <Debug> <SecuritySSL> <BEA-000000> <Alert received from peer, notifying peer we received it: com.certicom.tls.record.alert.Alert@925980>
<Apr 15, 2014 10:32:34 AM SGT> <Warning> <Security> <BEA-090485> <CERTIFICATE_UNKNOWN alert was received from serverB- 192.168.1.XXX. The peer has an unspecified issue with the certificate. SSL debug tracing should be enabled on the peer to determine what the issue is.>
<Apr 15, 2014 10:32:34 AM SGT> <Debug> <SecuritySSL> <BEA-000000> <close(): 20666515>
<Apr 15, 2014 10:32:34 AM SGT> <Debug> <SecuritySSL> <BEA-000000> <close(): 20666515>

最佳答案

您使用 apache 代理 (mod_weblogic),还是直接将请求定向到 weblogic 服务器。如果第二个选项为真,您必须确保服务器上有正确的证书。全部必须有效。

同时尝试选中/取消选中“使用 JSSE SSL”:

Domain -> Servers -> choose managed node -> Configuration -> SSL -> Advanced -> Use JSSE SSL

关于java - HTTPS 上的 Weblogic 服务器 SSL 问题,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/23259444/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com