我希望独立应用程序中的最后一行在没有抛出异常的情况下通过:
Properties props = new Properties();
props.setProperty("java.naming.factory.initial",
"weblogic.jndi.WLInitialContextFactory");
props.setProperty("java.naming.provider.url",
"t3s://localhost:9002");
props.setProperty("java.naming.security.principal",
"<username>");
props.setProperty("java.naming.security.credentials",
"<password>");
Context ctx = new InitialContext(props);
...但我在异常中获得此信息:
Warning Security BEA-090542 Certificate chain received from localhost - 127.0.0.1 was not trusted causing SSL handshake failure. Check the certificate chain to determine if it should be trusted or not. If it should be trusted, then update the client trusted CA configuration to trust the CA certificate that signed the peer certificate chain. If you are connecting to a WLS server that is using demo certificates (the default WLS server behavior), and you want this client to trust demo certificates, then specify -Dweblogic.security.TrustKeyStore=DemoTrust on the command line for this client.
因此,我使用此命令为ca创建了一个密钥库:
keytool -keystore client.jks -importcert -file cacert.pem
...并使用属性weblogic.security.TrustKeyStore = client.jks
引用它这仍然不起作用,很可能是因为我没有为密钥库提供密码。我错过了什么?我该如何提供这个密码? (或者,如何在不设置密码的情况下创建密钥库?)
答案 0 :(得分:7)
差不多两个月后,我回到了这个问题。找到this link后,我发现这有效:
System.setProperty("weblogic.security.SSL.ignoreHostnameVerification","true");
System.setProperty("java.protocol.handler.pkgs", "weblogic.net");
System.setProperty("weblogic.security.TrustKeyStore","CustomTrust");
System.setProperty("weblogic.security.CustomTrustKeyStoreFileName", "<keystorelocation>");
System.setProperty("weblogic.security.CustomTrustKeyStorePassPhrase","<keystorepassword>");
System.setProperty("weblogic.security.CustomTrustKeyStoreType","JKS");
我只使用系统属性才能使用它。