我正在尝试使用vertx实现服务器和客户端之间的SSL连接。 我已生成服务器证书并存储在密钥库中,从密钥库中提取了证书并将其导入到信任库中。但是,当我尝试将服务器连接到客户端时,出现以下错误: javax.net.ssl.SSLException:收到致命警报:certificate_unknown
生成的keystore.jks和truststore.jks,已将其保存在单独的文件夹中,并且在代码中引用了此位置。
使用我在下面完成的顶点, 服务器代码:
HttpServer server =vertx.createHttpServer(new HttpServerOptions().setSsl(true).setKeyStoreOptions(
new JksOptions().setPath("C:\\Desktop\\keystore.jks").setPassword("xxxxx")
));
// Creating HttpServer
server.requestHandler(router::accept).listen((int) configs.get(Constants.PORT));
客户代码:
WebClientOptions options = new WebClientOptions();
options.setKeepAlive(config().getBoolean("webClient.keepAlive", true));
options.setMaxPoolSize(config().getInteger("webClient.maxPoolSize", 200));
options.setSsl(true);
options.setTrustStoreOptions(new JksOptions()
.setPath("C:/Desktop/truststore.jks")
.setPassword("xxxxx")
);
WebClient webClient = WebClient.create(vertx, options);
服务器端:
io.netty.handler.codec.DecoderException: javax.net.ssl.SSLException: Received fatal alert: certificate_unknown
at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:459)
at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:265)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:362)
客户端:
Caused by: java.security.cert.CertificateException: No name matching localhost found
at sun.security.util.HostnameChecker.matchDNS(HostnameChecker.java:231)
at sun.security.util.HostnameChecker.match(HostnameChecker.java:96)
Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
at sun.security.ssl.Handshaker.checkThrown(Handshaker.java:1521)
at sun.security.ssl.SSLEngineImpl.checkTaskThrown(SSLEngineImpl.java:528)
答案 0 :(得分:0)
我试图用主机名localhost调用服务器api。但是在生成证书时,我给了CN其他东西。当我尝试使用相同的CN调用api时-工作正常。