Java客户端SSLSocket与自签名JKS证书的连接

时间:2013-09-25 13:16:56

标签: java eclipse ssl

我在Eclipse中使用Java jdk / jre6,并且在将应用程序客户端SSLSocket连接到SSL服务器时遇到了问题。

我很感激任何处理此问题的帮助,因为我被困住了。

我使用key-tool创建了一个自签名的jks,并设置了System属性并创建了一个SSL套接字

System.setProperty("javax.net.ssl.keyStore", "C:/.../mystore.jks");
System.setProperty("javax.net.ssl.keyStorePassword","thepassword");
System.setProperty("javax.net.ssl.trustStore", "C:/.../mystore.jks");
System.setProperty("javax.net.ssl.trustStorePassword","thepassword");
SSLSocket sslsocket= (SSLSocket) SSLSocketFactory.getDefault().createSocket(ip,port);

然而,当我尝试第一次套接字写入时,我会抛出一个异常。

socket.getOutputStream().write(message.getBytes(),0,message.length());

javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.checkEOF(SSLSocketImpl.java:1358)
at com.sun.net.ssl.internal.ssl.AppInputStream.available(AppInputStream.java:40)
at com.guiink.mbt.MbtFixApi.readFixMessage(MbtFixApi.java:181)
at com.guiink.gui.GuiWnd$FixConnection$1.run(GuiWnd.java:766)
at org.eclipse.swt.widgets.RunnableLock.run(RunnableLock.java:35)
at org.eclipse.swt.widgets.Synchronizer.runAsyncMessages(Synchronizer.java:135)
at org.eclipse.swt.widgets.Display.runAsyncMessages(Display.java:4140)
at org.eclipse.swt.widgets.Display.readAndDispatch(Display.java:3757)
at com.guiink.gui.GuiWnd.open(GuiWnd.java:141)
at com.guiink.gui.GuiWnd.main(GuiWnd.java:118)
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1764)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:241)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:235)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1206)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:136)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:593)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:529)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:958)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1203)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:654)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:100)
at com.guiink.mbt.MbtFixApi.writeToServer(MbtFixApi.java:1481)
at com.guiink.mbt.MbtFixApi.sendFixMessage(MbtFixApi.java:1437)
at com.guiink.mbt.MbtFixApi.createFixSession(MbtFixApi.java:150)
at com.guiink.gui.GuiWnd.open(GuiWnd.java:135)
... 1 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:323)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:217)
at sun.security.validator.Validator.validate(Validator.java:218)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:249)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1185)
... 12 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:318)
... 18 more

有人可以告诉我错误的原因/纠正吗?

0 个答案:

没有答案