Axis2 / Rampart客户端自签名证书 [英] Axis2/Rampart Client Self-Signed Certificates
问题描述
我尝试使用安全的用户端存取网路服务。
我产生了两个档案:
nb19200.pkcs12
server.jks
我在tomcat中粘贴了服务器密钥库,并将pkcs12我的浏览器,一切都很好。
现在,在我的客户端应用程序中,我尝试了以下操作:
,导出服务器证书,我使用以下命令:
keytool -exportcert -alias servercert -file servercert.cer -keystore server.jks -storepass * *
然后将其导入到密钥库中,其中不包含任何内容:
keytool -importcert -keystore truststore.jks -alias servercert -file servercert.cer -v trustcacerts -noprompt -storepass * **
我的代码如下:
System.setProperty(javax.net.ssl.trustStore ,servertrust.jks);
System.setProperty(javax.net.ssl.trustStorePassword,password);
//能够从axis2.xml加载客户端配置
ConfigurationContext ctx = ConfigurationContextFactory.createConfigurationContextFromFileSystem(client-repo,null);
SecureServiceStub stub = new SecureServiceStub(ctx,https:// localhost:8443 / axis2 / services / SecureService);
ServiceClient sc = stub._getServiceClient();
sc.engageModule(rampart);
//调用服务等。
得到以下错误:
导致:java.net.SocketException:远程主机关闭连接 b $ b
如果我注释前两行,我得到的错误是:
导致:sun.security.provider.certpath.SunCertPathBuilderException :
那么我做错了什么?
堆栈跟踪:
线程main中的异常org.apache.axis2.AxisFault:Connection refused:connect
at org.apache.axis2.AxisFault.makeFault AxisFault.java:430)
at org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:197)
at org.apache.axis2.transport.http.HTTPSender.send( HTTPSender.java:75)
at org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:404)
at org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke( CommonsHTTPTransportSender.java:231)
at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:443)
at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java: 406)
at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
at tutorial.rampart.client.SecureServiceStub.add(SecureServiceStub.java:191)
at tutorial.rampart.client.SecureServiceCGClient.main(SecureServiceCGClient.java:36)
引发者:java.net .ConnectException:Connection refused:connect
在java.net.PlainSocketImpl.socketConnect(本地方法)
在java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:351)
在java.net .PlainSocketImpl.connectToAddress(PlainSocketImpl.java:213)
在java.net.PlainSocketImpl.connect(PlainSocketImpl.java:200)
在java.net.SocksSocketImpl.connect(SocksSocketImpl.java:366)
at java.net.Socket.connect(Socket.java:529)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.connect(SSLSocketImpl.java:564)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native方法)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.commons.httpclient.protocol.ReflectionSocketFactory.createSocket(ReflectionSocketFactory.java:140)
at org.apache.commons.httpclient.protocol.SSLProtocolSocketFactory.createSocket(SSLProtocolSocketFactory.java:130)
at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707)
at org。 apache.commons.httpclient.MultiThreadedHttpConnectionManager $ HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361)
在org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:387)
在org.apache。 commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
在org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
在org.apache.axis2.transport。 http.AbstractHTTPSender.executeMethod(AbstractHTTPSender.java:621)
at org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:193)
我找到了解决方案。
:
System.setProperty(javax.net.ssl.keyStore,keys / client.jks);
System.setProperty(javax.net.ssl.keyStorePassword,password);
I'm trying to access a web service using a secure client.
I generated two files:
nb19200.pkcs12
server.jks
I pasted the server keystore in tomcat and uploaded the pkcs12 to my browser, everything works well.
Now, in my client application, I tried the following:
First, export the server certificate, I used the following command:
keytool -exportcert -alias servercert -file servercert.cer -keystore server.jks -storepass **
And then import it onto a keystore with nothing in there:
keytool -importcert -keystore truststore.jks -alias servercert -file servercert.cer -v trustcacerts -noprompt -storepass ***
My code is the following:
System.setProperty("javax.net.ssl.trustStore","servertrust.jks");
System.setProperty("javax.net.ssl.trustStorePassword", "password");
//To be able to load the client configuration from axis2.xml
ConfigurationContext ctx = ConfigurationContextFactory.createConfigurationContextFromFileSystem("client-repo", null);
SecureServiceStub stub = new SecureServiceStub(ctx,"https://localhost:8443/axis2/services/SecureService");
ServiceClient sc = stub._getServiceClient();
sc.engageModule("rampart");
//call the service etc.
Ok, with this configuration I get the following error:
Caused by: java.net.SocketException: Connection closed by remote host
If I comment the first two lines, the error I get is:
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
So what am I doing wrong?
I'm completely lost.
Update full code:
Stack trace:
Exception in thread "main" org.apache.axis2.AxisFault: Connection refused: connect
at org.apache.axis2.AxisFault.makeFault(AxisFault.java:430)
at org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:197)
at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:75)
at org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:404)
at org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:231)
at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:443)
at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:406)
at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
at tutorial.rampart.client.SecureServiceStub.add(SecureServiceStub.java:191)
at tutorial.rampart.client.SecureServiceCGClient.main(SecureServiceCGClient.java:36)
Caused by: java.net.ConnectException: Connection refused: connect
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:351)
at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:213)
at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:200)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:366)
at java.net.Socket.connect(Socket.java:529)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.connect(SSLSocketImpl.java:564)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.commons.httpclient.protocol.ReflectionSocketFactory.createSocket(ReflectionSocketFactory.java:140)
at org.apache.commons.httpclient.protocol.SSLProtocolSocketFactory.createSocket(SSLProtocolSocketFactory.java:130)
at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707)
at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361)
at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:387)
at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
at org.apache.axis2.transport.http.AbstractHTTPSender.executeMethod(AbstractHTTPSender.java:621)
at org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:193)
I found the solution.
I was missing this:
System.setProperty("javax.net.ssl.keyStore","keys/client.jks");
System.setProperty("javax.net.ssl.keyStorePassword", "password");
这篇关于Axis2 / Rampart客户端自签名证书的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!