相关疑难解决方法(0)

我正在尝试将以下curl调用转换为Java调用

curl --verbose --cert bobauth.crt --key bobauth.key https://test1.mobileticket.se/api/v1/auth/andreas

Curl调用按照我的预期工作,但当我尝试在java中执行相同的调用时,我只收到错误消息.不过这就是我试图做到的,不知道这是不是最好的方法.

bobauth证书是使用以下命令创建的.这与curl调用中使用的bobauth相同.

openssl req -new -x509 -sha256 -days 1000 \
        -newkey rsa:2048 -nodes -keyout bobauth.key \
        -subj "/CN=anders@clonecorps.com" -out bobauth.crt

然后我用以下代码创建一个java密钥库.

# Create PKCS12 keystore from private key and public certificate.
openssl pkcs12 -export -name myservercert -in bobauth.crt -inkey bobauth.key -out keystore.p12

# Convert PKCS12 keystore into a JKS keystore
keytool -importkeystore -destkeystore mykeystore.jks -srckeystore keystore.p12 -srcstoretype pkcs12 -alias myservercert

这是我放在一起的java代码,它不能完全运行.

try {
    KeyStore keyStore  = KeyStore.getInstance("JKS");
    java.io.FileInputStream fis = null;
    try …

我正在开发一个Web服务客户端,它需要与启用了相互身份验证的服务器通信.

我已经完成了以下步骤.

1. 将服务器证书(自签名)添加到信任库并将其设置为HttpsURLConnection使用SSLSocketFactory.
2. 将客户端证书(CA签名)提供给服务器管理员以将其添加到其受信任的存储中.
3. 通过导入客户端证书创建了一个密钥库,并创建了一个密钥管理器来"HttpsURLConnection".

当我尝试运行此示例时,我得到一个例外说法

org.springframework.ws.soap.axiom.AxiomSoapMessageException: Could not write message to OutputStream: java.net.SocketException: Software caused connection abort: recv failed; nested exception is javax.xml.stream.XMLStreamException: java.net.SocketException: Software caused connection abort: recv failed
        at org.springframework.ws.soap.axiom.AxiomSoapMessage.writeTo(AxiomSoapMessage.java:261)
        at org.springframework.ws.transport.AbstractWebServiceConnection.send(AbstractWebServiceConnection.java:45)
        at org.springframework.ws.client.core.WebServiceTemplate.sendRequest(WebServiceTemplate.java:586)
        at org.springframework.ws.client.core.WebServiceTemplate.doSendAndReceive(WebServiceTemplate.java:549)
        at org.springframework.ws.client.core.WebServiceTemplate.sendAndReceive(WebServiceTemplate.java:502)
        at org.springframework.ws.client.core.WebServiceTemplate.sendAndReceive(WebServiceTemplate.java:480)
        at test.SamlTest.request(SamlTest.java:29)
        at test.SamlTest.main(SamlTest.java:63)
    Caused by: javax.xml.stream.XMLStreamException: java.net.SocketException: Software caused connection abort: recv failed
        at com.sun.xml.internal.stream.writers.XMLStreamWriterImpl.writeStartDocument(Unknown Source)
        at org.apache.axiom.soap.impl.llom.SOAPEnvelopeImpl.internalSerialize(SOAPEnvelopeImpl.java:193)
        at org.apache.axiom.om.impl.llom.OMElementImpl.internalSerialize(OMElementImpl.java:756)
        at org.apache.axiom.soap.impl.llom.SOAPMessageImpl.internalSerialize(SOAPMessageImpl.java:71)
        at org.apache.axiom.om.impl.llom.OMDocumentImpl.internalSerialize(OMDocumentImpl.java:324)
        at org.apache.axiom.om.impl.llom.OMDocumentImpl.serialize(OMDocumentImpl.java:375)
        at org.springframework.ws.soap.axiom.AxiomSoapMessage.writeTo(AxiomSoapMessage.java:252)
        ... 7 more
    Caused …

错误跟踪：

javax.ws.rs.ProcessingException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target##
at org.glassfish.jersey.client.internal.HttpUrlConnector.apply(HttpUrlConnector.java:287)
at org.glassfish.jersey.client.ClientRuntime.invoke(ClientRuntime.java:252)
at org.glassfish.jersey.client.JerseyInvocation$2.call(JerseyInvocation.java:701)
at org.glassfish.jersey.internal.Errors.process(Errors.java:315)
at org.glassfish.jersey.internal.Errors.process(Errors.java:297)
at org.glassfish.jersey.internal.Errors.process(Errors.java:228)
at org.glassfish.jersey.process.internal.RequestScope.runInScope(RequestScope.java:444)
at org.glassfish.jersey.client.JerseyInvocation.invoke(JerseyInvocation.java:697)
at org.glassfish.jersey.client.JerseyInvocation$Builder.method(JerseyInvocation.java:420)
at org.glassfish.jersey.client.JerseyInvocation$Builder.get(JerseyInvocation.java:316)
at com.xxx.rest.RestClient.execRequest(RestClient.java:49)
at com.xxx.RestClientTest.test(RestClientTest.java:24)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:50)
at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12)
at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:47)
at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17)
at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:26)
at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:27)
at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:325)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:78)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:57)
at org.junit.runners.ParentRunner$3.run(ParentRunner.java:290)
at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:71)
at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:288)
at org.junit.runners.ParentRunner.access$000(ParentRunner.java:58)
at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:268)
at …

我有点不知道如何在 WidlFly 11 中使用证书。我查阅了文档，发现了很多术语，例如 JSSE、OpenSSL、Elytron、ApplicationRealm。当我执行代码时出现问题

final URL url = new URL("https://someUrl");
HttpsURLConnection httpURLConnection = (HttpsURLConnection)url.openConnection();

抛出此异常sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

那么，具体需要配置什么呢？我尝试了Elytron Documentation中的“为应用程序启用单向 SSL/TLS”部分，但没有成功。

ps：我正在使用 java 9.01 ps2：我正在使用standalone-full.xml

如果您需要更多信息，请告诉我