默认的java cacerts不起作用

时间:2014-10-30 18:11:27

标签: java ssl https certificate keystore

我有一个SSL安全休息。

在我的java客户端中,我已将certificat添加到cacerts商店,但仅当我在javax.net.ssl.trustStore参数中明确设置cacerts文件路径并在javax.net.ssl中设置密码时,它才有效。 trustStorePassword。

java home设置为: java.home:C:\ ide \ jdk1.7.0_45 \ jre

并将两个参数设置为:

  Properties pp = System.getProperties();

  Set<Object> s = pp.keySet();

  for (Object object : s) {
      System.out.println(object + " : " + pp.get(object));
  }

  System.setProperty("javax.net.ssl.trustStore", "C:\\ide\\jdk1.7.0_45\\jre\\bin\\cacerts");
  System.setProperty("javax.net.ssl.trustStorePassword", "secret");

结果:

  java.runtime.name : Java(TM) SE Runtime Environment 
  sun.boot.library.path : C:\ide\jdk1.7.0_45\jre\bin
  .....
  java.home : C:\ide\jdk1.7.0_45\jre
  .... other java parameters value
  WS called with success

执行异常:

  Properties pp = System.getProperties();

  Set<Object> s = pp.keySet();

  for (Object object : s) {
      System.out.println(object + " : " + pp.get(object));
  }

  //System.setProperty("javax.net.ssl.trustStore", "C:\\ide\\jdk1.7.0_45\\jre\\bin\\cacerts");
  //System.setProperty("javax.net.ssl.trustStorePassword", "secret");

结果:

java.runtime.name : Java(TM) SE Runtime Environment
sun.boot.library.path : C:\ide\jdk1.7.0_45\jre\bin
.....
java.home : C:\ide\jdk1.7.0_45\jre
.... other java parameters value
Exception in thread "main" 
Caused by: javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
at sun.security.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:397)
at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)
at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:397)
at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:148)
at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:149)
at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:121)
at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:573)
at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:425)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:820)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:754)
at org.jboss.resteasy.client.core.executors.ApacheHttpClient4Executor.execute(ApacheHttpClient4Executor.java:182)
at org.jboss.resteasy.core.interception.ClientExecutionContextImpl.proceed(ClientExecutionContextImpl.java:39)
at org.jboss.resteasy.plugins.interceptors.encoding.AcceptEncodingGZIPInterceptor.execute(AcceptEncodingGZIPInterceptor.java:40)
at org.jboss.resteasy.core.interception.ClientExecutionContextImpl.proceed(ClientExecutionContextImpl.java:45)
at org.jboss.resteasy.client.ClientRequest.execute(ClientRequest.java:443)
at org.jboss.resteasy.client.ClientRequest.httpMethod(ClientRequest.java:677)
at org.jboss.resteasy.client.ClientRequest.post(ClientRequest.java:566)
... 2 more

1 个答案:

答案 0 :(得分:0)

我认为问题在于我使用了错误的cacerts文件路径。

java中的默认cacerts文件是:

\ JRE \ lib \ security中\ cacerts中

相关问题
最新问题