使用wsimport时的安全异常

Question

我想从wsdl文件生成存根文件，该文件可通过带有自签名证书的ssl连接到达。

<exec executable="wsimport"> 
<arg value="-d" /> 
<arg value="${absolute.path.to.project}/gen" /> 
<arg value="-s" /> 
<arg value="${absolute.path.to.project}/src" /> 
<arg value="https://host:8443/wsrf/services/WS?wsdl" /> 
</exec> 

当我在蚂蚁执行此，我得到这个错误：

generate-from-wsdl: 
    [exec] parsing WSDL... 
    [exec] [ERROR] sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target 
    [exec] Failed to read the WSDL document: https://192.168.56.101:8443/wsrf/services/KnowledgebaseWebservice?wsdl, because 1) could not find the document; /2) the document could not be read; 3) the root element of the document is not <wsdl:definitions>. 
    [exec] [ERROR] failed.noservice=Could not find wsdl:service in the provided WSDL(s): 
    [exec] At least one WSDL with at least one service definition needs to be provided. 
    [exec]  Failed to parse the WSDL. 
    [exec] Result: 1 

为了避免这种情况，我想

• 导入与server.crt这文件keytool -importcert -file ~/path/server.crt
• 将server.crt复制到$ JAVA_HOME/lib/security

UPDATE

我也试过如下：

<wsimport wsdl="https://host:8443/Webservice?wsdl" destdir="gen" 
       sourcedestdir="src" 
       verbose="true"> 
    <jvmarg value="-Djavax.net.ssl.trustStore=/path/host.cer" /> 
    <jvmarg value="-Djavax.net.ssl.trustStorePassword=changeit" /> 
</wsimport> 

我仍然得到这个错误。我能做什么？

Answer 1

我认为您需要通过指定-keystore <path_to>/jre/lib/security/cacerts将服务器证书导入JRE的密钥存储库。如果你坚持以前的命令行，我认为你需要为执行Ant的同一个用户执行该命令。

Answer 2

我无法将cert导入到my/jre/lib/security/cacerts。

所以我结束了以下解决方法：

<target name="main" > 
    <exec executable="java"> 
     <arg line="-Djavax.net.ssl.trustStore=c:\jdk160_29\.mykeystore -classpath C:\jdk160_29\lib\tools.jar com.sun.tools.internal.ws.WsImport https://host:8443/Webservice?wsdl -p com.test -s ./src"/> 
    </exec> 
</target>