尝试从安全站点生成Web服务客户端时出现奇怪的证书错误 [英] Weird certificate error when trying to generate web service client from secure site

问题描述

当尝试使用AXIS1.4 Wsdl2Java工具为安全IIS站点上安装的Web服务生成客户端代码时，出现一个奇怪的错误.当我运行该工具时，出现以下SSL异常:

I get a weird error when trying to use AXIS1.4 Wsdl2Java tool to generate client code for the web service that is installed on the secure IIS site. When I run the tool I get the following SSL exception:

javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No
 name matching XXXXXXX.net found
        at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1
591)
        at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:187)
        at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:181)
        at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Clien
tHandshaker.java:975)
        at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHa
ndshaker.java:123)
        at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:5
16)
        at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.jav
a:454)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.j
ava:884)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SS
LSocketImpl.java:1096)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketIm
pl.java:1123)

奇怪的是，仅当我运行WSDL2Java时才发生此错误，并且仅针对此特定服务器.我有另一个具有相同设置的Web服务器，并且在那里一切正常.我对所有密钥库进行了三重检查，看起来所有CA证书都已正确加载.我尝试使用具有相同设置的另一台服务器，并且能够毫无问题地生成客户端代理代码.奇怪的是，如果我将另一台服务器生成的代码用于奇怪的服务器，则一切正常.只是Wsdl2Java给我一个问题.

Weird thing is that this error only occurs when I run WSDL2Java, and only for this particular server. I have another web server with the identical set-up and everything works fine there. I triple checked all the keystores and it looks like all the CA certificates are loaded correctly. I tried using another server with the identical setup, and was able to generate the client proxy code without any problems. Weird thing is that if I use the code generated from the other server against the weird server everything works fine. It is only Wsdl2Java that is giving me a problem.

推荐答案

您可能会发现使用SSL调试系统属性有助于调查此问题:

You may find using the SSL debugging system properties can be helpful to investigate this problem:

-Djavax.net.debug=ssl

如果打印太多，则可以过滤一些东西，也许是这样:

If there's too much printed out, you can filter some things, perhaps this:

-Djavax.net.debug=ssl,trustmanager

输出不一定是显而易见的，但它应该告诉您错误的详细信息.

The output is not necessarily obvious to read, but it should tell you where the error is in more detail.

这篇关于尝试从安全站点生成Web服务客户端时出现奇怪的证书错误的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！