我有HTTPS网址,它会直接指向特定文件。
在我的servlet中,当我尝试接收此文件时,我在 connection.getInputStream()行中收到SSLHandshakeException。
我能够在正常的Eclipse 环境中运行此程序而没有任何错误。
我在IBM WebSphere Portal 7 环境中使用它时接收异常。
我已附上以下代码。
String filename = ""+request.getParameter("newName");
String filepath = ""+request.getParameter("filePath");
URL url = new URL(filepath);
URLConnection connection = url.openConnection();
InputStream in = connection.getInputStream();
response.setContentType("APPLICATION/OCTET-STREAM");
response.setHeader("Content-Disposition", "attachment ; filename="+filename+" ");
int i;
while((i=in.read()) != -1)
{
response.getWriter().write(i);
}
in.close();
以下是我收到的例外情况
Error 500: javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.j: PKIX path building failed: java.security.cert.CertPathBuilderException: PKIXCertPathBuilderImpl could not build a valid CertPath.; internal cause is: java.security.cert.CertPathValidatorException: The certificate issued by EMAILADDRESS=premium-server@thawte.com, CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA is not trusted; internal cause is: java.security.cert.CertPathValidatorException: Certificate chaining error
以下是我从日志
收到的错误[1/2/15 5:46:24:930 EST] 000000b9 ServletWrappe E com.ibm.ws.webcontainer.servlet.ServletWrapper service SRVE0068E: Uncaught exception created in one of the service methods of the servlet downloadServlet in application PA_FileCabinet. Exception created : javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.j: PKIX path building failed: java.security.cert.CertPathBuilderException: PKIXCertPathBuilderImpl could not build a valid CertPath.; internal cause is:
java.security.cert.CertPathValidatorException: The certificate issued by EMAILADDRESS=premium-server@thawte.com, CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA is not trusted; internal cause is:
java.security.cert.CertPathValidatorException: Certificate chaining error
at com.ibm.jsse2.o.a(o.java:30)
at com.ibm.jsse2.SSLSocketImpl.a(SSLSocketImpl.java:216)
at com.ibm.jsse2.kb.a(kb.java:411)
at com.ibm.jsse2.kb.a(kb.java:150)
at com.ibm.jsse2.lb.a(lb.java:106)
at com.ibm.jsse2.lb.a(lb.java:716)
at com.ibm.jsse2.kb.s(kb.java:659)
at com.ibm.jsse2.kb.a(kb.java:393)
at com.ibm.jsse2.SSLSocketImpl.a(SSLSocketImpl.java:850)
at com.ibm.jsse2.SSLSocketImpl.h(SSLSocketImpl.java:63)
at com.ibm.jsse2.SSLSocketImpl.a(SSLSocketImpl.java:316)
at com.ibm.jsse2.SSLSocketImpl.startHandshake(SSLSocketImpl.java:220)
at com.ibm.net.ssl.www2.protocol.https.c.afterConnect(c.java:184)
at com.ibm.net.ssl.www2.protocol.https.d.connect(d.java:40)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1207)
at com.ibm.net.ssl.www2.protocol.https.b.getInputStream(b.java:66)
at com.infores.portal.filecabinet.downloadServlet.doGet(downloadServlet.java:52)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:718)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:831)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:1661)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:1602)
at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:113)
at com.ibm.ws.webcontainer.filter.WebAppFilterChain._doFilter(WebAppFilterChain.java:80)
at com.ibm.ws.webcontainer.filter.WebAppFilterManager.doFilter(WebAppFilterManager.java:908)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:939)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:507)
at com.ibm.ws.webcontainer.servlet.ServletWrapperImpl.handleRequest(ServletWrapperImpl.java:181)
at com.ibm.ws.webcontainer.webapp.WebApp.handleRequest(WebApp.java:3994)
at com.ibm.ws.webcontainer.webapp.WebGroup.handleRequest(WebGroup.java:276)
at com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:945)
at com.ibm.ws.webcontainer.WSWebContainer.handleRequest(WSWebContainer.java:1592)
at com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:191)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:453)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewRequest(HttpInboundLink.java:515)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.processRequest(HttpInboundLink.java:306)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.ready(HttpInboundLink.java:277)
at com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.sendToDiscriminators(NewConnectionInitialReadCallback.java:214)
at com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.complete(NewConnectionInitialReadCallback.java:113)
at com.ibm.ws.tcp.channel.impl.AioReadCompletionListener.futureCompleted(AioReadCompletionListener.java:175)
at com.ibm.io.async.AbstractAsyncFuture.invokeCallback(AbstractAsyncFuture.java:217)
at com.ibm.io.async.AsyncChannelFuture.fireCompletionActions(AsyncChannelFuture.java:161)
at com.ibm.io.async.AsyncFuture.completed(AsyncFuture.java:138)
at com.ibm.io.async.ResultHandler.complete(ResultHandler.java:204)
at com.ibm.io.async.ResultHandler.runEventProcessingLoop(ResultHandler.java:775)
at com.ibm.io.async.ResultHandler$2.run(ResultHandler.java:905)
at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1660)
Caused by: com.ibm.jsse2.util.j: PKIX path building failed: java.security.cert.CertPathBuilderException: PKIXCertPathBuilderImpl could not build a valid CertPath.; internal cause is:
java.security.cert.CertPathValidatorException: The certificate issued by EMAILADDRESS=premium-server@thawte.com, CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA is not trusted; internal cause is:
java.security.cert.CertPathValidatorException: Certificate chaining error
at com.ibm.jsse2.util.h.b(h.java:96)
at com.ibm.jsse2.util.h.b(h.java:69)
at com.ibm.jsse2.util.g.a(g.java:11)
at com.ibm.jsse2.pc.a(pc.java:8)
at com.ibm.jsse2.pc.checkServerTrusted(pc.java:7)
at com.ibm.ws.ssl.core.WSX509TrustManager.checkServerTrusted(WSX509TrustManager.java:359)
at com.ibm.jsse2.lb.a(lb.java:171)
... 41 more
答案 0 :(得分:0)
当您收到错误响应代码时请记住,您无法使用getInputStream()
在这种情况下,您必须使用getErrorStream()
答案 1 :(得分:0)
您需要将证书添加到WAS中的受信任存储区。