1. 首页
  2. 问答
  3. Web服务客户端 - SSL证书

Web服务客户端 - SSL证书

2014-07-16 235 views
0

我试图使用JAXWS-Maven的插件与wsimport的目标,以创建Web服务客户端,这个POM:Web服务客户端 - SSL证书

<plugin> 
     <groupId>org.jvnet.jax-ws-commons</groupId> 
     <artifactId>jaxws-maven-plugin</artifactId> 
     <version>2.2</version> 
     <executions> 
      <execution> 
       <goals> 
        <goal>wsimport</goal> 
       </goals> 
      </execution> 
     </executions> 
     <configuration> 
      <wsdlUrls> 
       <wsdlUrl> 
        https://test.test/WSTtest?wsdl 
       </wsdlUrl> 
      </wsdlUrls> 
      <verbose>true</verbose> 
     </configuration> 

     <dependencies> 
      <dependency> 
       <groupId>javax.xml</groupId> 
       <artifactId>webservices-api</artifactId> 
       <version>1.4</version> 
      </dependency> 
     </dependencies> 
    </plugin>

但我得到的错误

[错误] java.security.cert.CertificateException:没有与IP地址匹配的主题替代名称93.92.169.114 found

因为我需要证书。正如我在SSL client certificate in Maven阅读我在我的POM添加与认证文件的位置相关的propertie:

<plugin> 
    <groupId>org.codehaus.mojo</groupId> 
    <artifactId>properties-maven-plugin</artifactId> 
    <version>1.0-alpha-2</version> 
    <executions> 
     <execution> 
     <goals> 
      <goal>set-system-properties</goal> 
     </goals> 
     <configuration> 
      <properties> 
      <property> 
       <name>javax.net.ssl.trustStore</name> 
       <value>c:\certificate.crt</value> 
      </property> 
      </properties> 
     </configuration> 
     </execution> 
    </executions> 
    </plugin>

但现在我得到其他错误:

[错误] java.security.NoSuchAlgorithmException:错误构建实现(算法:默认,提供程序:SunJSSE,类:sun.security.ssl.SSLContextImpl $ DefaultSSLContext)

当我在Java Exception on SSLSocket creation中读取时似乎与认证文件的格式有关。我试图通过在POM中添加具有相同结果的属性来指示文件类型。

<properties> 
      <property> 
       <name>javax.net.ssl.trustStoreType</name> 
       <value>JCEKS</value> 
      </property> 
      <property> 
       <name>javax.net.ssl.trustStore</name> 
       <value>c:\certificate.crt</value> 
      </property> 

      </properties>

任何想法我该如何解决这个问题?我做错了什么?这是证明文件在哪里的适当方法吗?

感谢

来源

2014-07-16 Xavi

+0

This answer may help - http://stackoverflow.com/a/6483650/2719186 –

回答

0

那么,你可以尝试禁用所有SSL信任检查:

import java.security.AccessController; 
import java.security.InvalidAlgorithmParameterException; 
import java.security.KeyStore; 
import java.security.KeyStoreException; 
import java.security.PrivilegedAction; 
import java.security.Security; 
import java.security.cert.X509Certificate; 
import javax.net.ssl.ManagerFactoryParameters; 
import javax.net.ssl.TrustManager; 
import javax.net.ssl.TrustManagerFactorySpi; 
import javax.net.ssl.X509TrustManager; 

public final class XTrustProvider extends java.security.Provider { 

     private final static String NAME = "XTrustJSSE"; 
     private final static String INFO = "XTrust JSSE Provider (implements trust factory with truststore validation disabled)"; 
     private final static double VERSION = 1.0D; 

     public XTrustProvider() { 
       super(NAME, VERSION, INFO); 

       AccessController.doPrivileged(new PrivilegedAction() { 
         public Object run() { 
           put("TrustManagerFactory." + TrustManagerFactoryImpl.getAlgorithm(), TrustManagerFactoryImpl.class.getName()); 
           return null; 
         } 
       }); 
     } 

     public static void install() { 
       if(Security.getProvider(NAME) == null) { 
         Security.insertProviderAt(new XTrustProvider(), 2); 
         Security.setProperty("ssl.TrustManagerFactory.algorithm", TrustManagerFactoryImpl.getAlgorithm()); 
       } 
     } 

     public final static class TrustManagerFactoryImpl extends TrustManagerFactorySpi { 
       public TrustManagerFactoryImpl() { } 
       public static String getAlgorithm() { return "XTrust509"; } 
       protected void engineInit(KeyStore keystore) throws KeyStoreException { } 
       protected void engineInit(ManagerFactoryParameters mgrparams) throws InvalidAlgorithmParameterException { 
         throw new InvalidAlgorithmParameterException(XTrustProvider.NAME + " does not use ManagerFactoryParameters"); 
       } 

       protected TrustManager[] engineGetTrustManagers() { 
         return new TrustManager[] { 
           new X509TrustManager() { 
             public X509Certificate[] getAcceptedIssuers() { return null; } 
             public void checkClientTrusted(X509Certificate[] certs, String authType) { } 
             public void checkServerTrusted(X509Certificate[] certs, String authType) { } 
           } 
         }; 
       } 
     } 
}

简单的通话XTrustProvider.install();禁用所有证书检查。也许这个解决方法也解决了你的问题。但请记住,这只是一个解决方法。

来源

2014-07-16 09:08:34 sk2212

相关问题

 相关问题