我有一个SSL安全休息。
在我的java客户端中,我已将certificat添加到cacerts商店,但仅当我在javax.net.ssl.trustStore参数中明确设置cacerts文件路径并在javax.net.ssl中设置密码时,它才有效。 trustStorePassword。
java home设置为: java.home:C:\ ide \ jdk1.7.0_45 \ jre
并将两个参数设置为:
Properties pp = System.getProperties();
Set<Object> s = pp.keySet();
for (Object object : s) {
System.out.println(object + " : " + pp.get(object));
}
System.setProperty("javax.net.ssl.trustStore", "C:\\ide\\jdk1.7.0_45\\jre\\bin\\cacerts");
System.setProperty("javax.net.ssl.trustStorePassword", "secret");
结果:
java.runtime.name : Java(TM) SE Runtime Environment
sun.boot.library.path : C:\ide\jdk1.7.0_45\jre\bin
.....
java.home : C:\ide\jdk1.7.0_45\jre
.... other java parameters value
WS called with success
执行异常:
Properties pp = System.getProperties();
Set<Object> s = pp.keySet();
for (Object object : s) {
System.out.println(object + " : " + pp.get(object));
}
//System.setProperty("javax.net.ssl.trustStore", "C:\\ide\\jdk1.7.0_45\\jre\\bin\\cacerts");
//System.setProperty("javax.net.ssl.trustStorePassword", "secret");
结果:
java.runtime.name : Java(TM) SE Runtime Environment
sun.boot.library.path : C:\ide\jdk1.7.0_45\jre\bin
.....
java.home : C:\ide\jdk1.7.0_45\jre
.... other java parameters value
Exception in thread "main"
Caused by: javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
at sun.security.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:397)
at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)
at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:397)
at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:148)
at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:149)
at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:121)
at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:573)
at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:425)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:820)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:754)
at org.jboss.resteasy.client.core.executors.ApacheHttpClient4Executor.execute(ApacheHttpClient4Executor.java:182)
at org.jboss.resteasy.core.interception.ClientExecutionContextImpl.proceed(ClientExecutionContextImpl.java:39)
at org.jboss.resteasy.plugins.interceptors.encoding.AcceptEncodingGZIPInterceptor.execute(AcceptEncodingGZIPInterceptor.java:40)
at org.jboss.resteasy.core.interception.ClientExecutionContextImpl.proceed(ClientExecutionContextImpl.java:45)
at org.jboss.resteasy.client.ClientRequest.execute(ClientRequest.java:443)
at org.jboss.resteasy.client.ClientRequest.httpMethod(ClientRequest.java:677)
at org.jboss.resteasy.client.ClientRequest.post(ClientRequest.java:566)
... 2 more
答案 0 :(得分:0)
我认为问题在于我使用了错误的cacerts文件路径。
java中的默认cacerts文件是:
\ JRE \ lib \ security中\ cacerts中