我正在尝试为本地开发设置jetty maven插件,但我坚持信任LDAP服务器的SSL,我使用Spring安全性进行身份验证。
我尝试使用信任库创建SSL的连接器,但是我仍然在登录时收到绑定异常。
<Call name="addConnector">
<Arg>
<New class="org.eclipse.jetty.server.ssl.SslSelectChannelConnector">
<Arg>
<New class="org.eclipse.jetty.http.ssl.SslContextFactory">
<Set name="keyStore">servers/jetty/jetty.jks</Set>
<Set name="keyStorePassword">password</Set>
<Set name="keyManagerPassword">password</Set>
<Set name="trustStore">servers/trust.jks</Set>
<Set name="trustStorePassword">password</Set>
</New>
</Arg>
<Set name="port">443</Set>
<Set name="maxIdleTime">30000</Set>
</New>
</Arg>
</Call>
这是一个例外:
simple bind failed: host:port; nested exception is javax.naming.CommunicationException: simple bind failed: host:port [Root exception is javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.g: PKIX path building failed: java.security.cert.CertPathBuilderException: PKIXCertPathBuilderImpl could not build a valid CertPath.; internal cause is: java.security.cert.CertPathValidatorException: The certificate issued by ROOT CA is not trusted; internal cause is: java.security.cert.CertPathValidatorException: Certificate chaining error]
似乎连接器的信任库仅限于传入的SSL连接。无论如何要让这个与码头合作?
答案 0 :(得分:0)
我解决了它如下:
<Call class="java.lang.System" name="setProperty">
<Arg>javax.net.ssl.trustStore</Arg>
<Arg>trust.jks</Arg>
</Call>
<Call class="java.lang.System" name="setProperty">
<Arg>javax.net.ssl.trustStorePassword</Arg>
<Arg>xxxx</Arg>
</Call>
答案 1 :(得分:0)
对我而言:
<systemProperty>
<name>javax.net.ssl.trustStore</name>
<value>/Users/koraytugay/Desktop/cacerts.jks</value>
</systemProperty>
<systemProperty>
<name>javax.net.ssl.trustStorePassword</name>
<value>changeit</value>
</systemProperty>