- html - 出于某种原因,IE8 对我的 Sass 文件中继承的 html5 CSS 不友好?
- JMeter 在响应断言中使用 span 标签的问题
- html - 在 :hover and :active? 上具有不同效果的 CSS 动画
- html - 相对于居中的 html 内容固定的 CSS 重复背景?
我部署了一个 Spring 微服务 docker。
我使用 JaxWsProxyFactoryBean 调用外部服务器(soap/wsdl)并且使用 http://externalServer 一切顺利:
JaxWsProxyFactoryBean jaxWsProxyFactoryBean = new JaxWsProxyFactoryBean();
jaxWsProxyFactoryBean.setAddress("http://externalServer");
...
当我在 setAddress 中调用 https 时出现问题。
org.apache.cxf.transport.https.SSLUtils : Default key managers cannot be initialized: Password must not be null
好的,我错过了密码。但是这个恶意密码放在哪里?在 application.yml?在系统属性中? [keystore中使用的密码是标准的(changeit)]
DEBUG 1 --- [ XNIO-1 task-1] org.apache.cxf.transport.https.SSLUtils : The location of the key store has not been set via a system parameter or through configuration so the default value of /root/.keystore will be used.
DEBUG 1 --- [ XNIO-1 task-1] org.apache.cxf.transport.https.SSLUtils : The key store password has not been set via a system property or through configuration, reading data from the keystore will fail.
DEBUG 1 --- [ XNIO-1 task-1] org.apache.cxf.transport.https.SSLUtils : The key password has not been set via a system property or through configuration, reading data from the keystore will fail.
DEBUG 1 --- [ XNIO-1 task-1] org.apache.cxf.transport.https.SSLUtils : The keystore type has not been set in configuration so the default value of JKS will be used.
WARN 1 --- [ XNIO-1 task-1] org.apache.cxf.transport.https.SSLUtils : Default key managers cannot be initialized: Password must not be null
使用标准 keystore 但没有密码。
最佳答案
从您的问题的评论部分查看我们的对话,我可以得出结论,您的 Apache CXF 没有配置 ssl。您需要做的是读取包含可信证书的 keystore 并将其加载到您的SSLContext
中。与 TrustManagerFactory 和 TrustManager。
以下是您可以尝试的示例配置:
选项 1 - 纯 Java
import org.apache.cxf.bus.CXFBusFactory;
import org.apache.cxf.configuration.jsse.TLSClientParameters;
import org.apache.cxf.jaxrs.client.JAXRSClientFactoryBean;
import org.apache.cxf.jaxrs.client.WebClient;
import org.apache.cxf.transport.http.HTTPConduitConfigurer;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import java.nio.file.Paths;
import java.security.KeyStore;
public class App {
public static void main(String[] args) throws Exception {
InputStream identityAsInputStream = Files.newInputStream(Paths.get("/path/to/your/identity.jks"));
KeyStore identity = KeyStore.getInstance(KeyStore.getDefaultType());
identity.load(identityAsInputStream, "keystore-password".toCharArray());
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(identity, "key-password".toCharArray());
KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
InputStream trustStoreInputStream = Files.newInputStream(Paths.get("/path/to/your/truststore.jks"));
KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
trustStore.load(trustStoreInputStream, "truststore-password".toCharArray());
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(trustStore);
TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(keyManagers, trustManagers, null);
JaxWsProxyFactoryBean factory = new JaxWsProxyFactoryBean();
factory.setAddress("https://some-secure-server.com/");
factory.setBus(new CXFBusFactory().createBus());
factory.getBus().setExtension((name, address, httpConduit) -> {
TLSClientParameters tls = new TLSClientParameters();
tls.setSSLSocketFactory(sslContext.getSocketFactory());
httpConduit.setTlsClientParameters(tls);
}, HTTPConduitConfigurer.class);
WebClient webClient = factory.createWebClient();
}
}
选项 2 - 使用库的简化配置
import nl.altindag.ssl.SSLFactory;
import org.apache.cxf.bus.CXFBusFactory;
import org.apache.cxf.configuration.jsse.TLSClientParameters;
import org.apache.cxf.jaxrs.client.JAXRSClientFactoryBean;
import org.apache.cxf.jaxrs.client.WebClient;
import org.apache.cxf.transport.http.HTTPConduitConfigurer;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) throws Exception {
SSLFactory sslFactory = SSLFactory.builder()
.withIdentityMaterial(Paths.get("/path/to/your/identity.jks"), "keystore-password".toCharArray())
.withTrustMaterial(Paths.get("/path/to/your/truststore.jks"), "truststore-password".toCharArray())
.build();
JaxWsProxyFactoryBean factory = new JaxWsProxyFactoryBean();
factory.setAddress("https://some-secure-server.com/");
factory.setBus(new CXFBusFactory().createBus());
factory.getBus().setExtension((name, address, httpConduit) -> {
TLSClientParameters tls = new TLSClientParameters();
tls.setSSLSocketFactory(sslFactory.getSslSocketFactory());
httpConduit.setTlsClientParameters(tls);
}, HTTPConduitConfigurer.class);
WebClient webClient = factory.createWebClient();
}
}
该库在此处可用:
GitHub - SSLContext Kickstart
关于spring - Apache CXF JaxWsProxyFactoryBean SSL 配置调用外部 https 失败,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/66905254/
如何使用 cxf (JaxWsProxyFactoryBean) 为 Web 服务客户端设置摘要身份验证类型?截至目前,当我在工厂对象中设置用户名密码时,我的客户端默认采用基本身份验证类型。并且请求消
我正在从 JBoss 6.1.0 JBoss EAP 4.2.xa 迁移应用程序。 我知道我改变了很多事情,其中最重要的一点是 JBoss 现在包含了大部分框架/最常用的库(模块),这很棒(war
好吧,我遇到了一个关于如何使用 JaxWsProxyFactoryBean 为 SEI 创建客户端的示例- JaxWsProxyFactoryBean factory = new JaxWsProxy
我部署了一个 Spring 微服务 docker。 我使用 JaxWsProxyFactoryBean 调用外部服务器(soap/wsdl)并且使用 http://externalServer 一切顺
JaxWsProxyFactoryBean 以及何时应该使用从 wsdl 或 JAX-WS 代理生成的 Java stub ? 有什么优点或缺点吗? 谢谢 最佳答案 工厂 bean 特定于 CXF,但
我正在使用 JAX-WS 的 apache CXF 实现。我的 Web 服务是使用 JaxWsProxyFactoryBean 通过 spring xml 配置进行配置的:
我编写了一个使用 Web 服务的客户端。在单独的项目中运行良好。但是当我尝试在我的 Maven 项目中使用它时,它失败了。依赖项是正确的: org.apache.cxf cx
我是一名优秀的程序员,十分优秀!