我正在发送https请求。我已经添加了客户端证书并将其导入到jvm,仍然无法执行该请求,显示连接请求。
private static Registry<ConnectionSocketFactory> scheme = null;
static {
SSLConnectionSocketFactory socketFactory = null;
try {
System.setProperty("javax.net.debug", "all");
String KEYSTORE_LOCATION = "C:\\Users\\pritesha\\Desktop\\TS1_certs\\wwwin-ts1fin.cisco.com.jks";
FileInputStream is = new FileInputStream(new File(KEYSTORE_LOCATION));
KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
trustStore.load(is, "changeit".toCharArray());
TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(trustStore);
SSLContext ctx = SSLContext.getInstance("TLSv1");
ctx.init(null, tmf.getTrustManagers(), null);
SSLSocketFactory sslFactory = ctx.getSocketFactory();
SSLContextBuilder sslContextBuilder = SSLContexts.custom().useTLS().loadTrustMaterial(trustStore);
socketFactory = new SSLConnectionSocketFactory(sslContextBuilder.build());
} catch (KeyStoreException e) {
System.out.println("Exception in the loading Key Store... " + e.getMessage());
} catch (KeyManagementException e) {
System.out.println("Exception in the loading Key Store... " + e.getMessage());
} catch (NoSuchAlgorithmException e) {
System.out.println("Exception in the loading Key Store... " + e.getMessage());
} catch (CertificateException e) {
System.out.println("Exception in the loading Key Store... " + e.getMessage());
} catch (IOException e) {
System.out.println("Exception in the loading Key Store... " + e.getMessage());
}
scheme = RegistryBuilder.<ConnectionSocketFactory>create().register("https", socketFactory).build();
}
public static String connect() {
CloseableHttpClient httpclient = null;
try {
String URL = "https://wwwin-ts1fin.cisco.com/bpelpcicreatereceipt_client_ep";
String requestBody = "<SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:ns1=\"http://xmlns.oracle.com/I2C/PrjPCIReceiptCreation/BPELPCICreateReceipt\"><SOAP-ENV:Header/><SOAP-ENV:Body>"
+ "<ns1:process><ns1:SourceSystem>CCW</ns1:SourceSystem> <ns1:PaymentId>" + 123
+ "</ns1:PaymentId> <ns1:Retry>No</ns1:Retry></ns1:process></SOAP-ENV:Body></SOAP-ENV:Envelope>";
PoolingHttpClientConnectionManager connectionManager = new PoolingHttpClientConnectionManager(scheme);
connectionManager.setMaxTotal(200);
connectionManager.setDefaultMaxPerRoute(20);
httpclient = HttpClients.custom().setConnectionManager(connectionManager).build();
HttpPost httpPost = new HttpPost(URL);
httpPost.setHeader("Content-Type", "text/xml");
httpPost.setEntity(new StringEntity(requestBody));
HttpResponse httpResponse = httpclient.execute(httpPost);
HttpEntity entity = httpResponse.getEntity();
if (entity != null) {
return EntityUtils.toString(entity);
}
} catch (MalformedURLException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
return null;
}
这是我得到的完整堆栈跟踪:
[原始读取]:长度= 5 0000:15 03 03 00 02 ..... 主要,处理异常:java.net.SocketException:连接重置 主要,发送TLSv1警报:致命,描述=意外消息主要,写入:TLSv1警报,长度= 2 main,异常发送警报:java.net.SocketException:对等体重置连接:套接字写入错误 主要,称为closeSocket()
答案 0 :(得分:0)
首先,这是TLS警报,您需要更好地了解它是什么警报。安装wireshark并监听会话。深入查看警报msg,wireshark解剖器将进一步解释该问题。
我怀疑您没有协商通用的密码套件。您选择了tls v1,但是cicso可能具有更高的版本,因此您选择不降级到tls 1.0(这是ssl v3,并不令人惊讶地被cisco拒绝)而提供的一组密码套件。