SSL安全Jboss 7.1软件导致连接中止:recv失败

时间:2015-01-12 12:33:47

标签: java ssl-certificate keystore

在调用暴露为部署在jboss 7.1上的REST服务的EJB之后,我收到以下异常。

我正在尝试实施SSL安全性,而且我使用的是我使用keytool创建的密钥库文件

java.net.SocketException: Software caused connection abort: recv failed
at java.net.SocketInputStream.socketRead0(Native Method)
at java.net.SocketInputStream.read(SocketInputStream.java:152)
at java.net.SocketInputStream.read(SocketInputStream.java:122)
at sun.security.ssl.InputRecord.readFully(InputRecord.java:442)
at sun.security.ssl.InputRecord.read(InputRecord.java:480)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:927)
at sun.security.ssl.SSLSocketImpl.waitForClose(SSLSocketImpl.java:1705)
at sun.security.ssl.HandshakeOutStream.flush(HandshakeOutStream.java:122)

下面是我的代码,用于检索SSLSocketFactory对象

public static SSLSocketFactory getSSLSocketFactory(String keyStoreFileName, String password) throws Exception {
    SSLSocketFactory sslFactory = null;
    try {
        KeyStore keyStore = getKeyStore(keyStoreFileName, password);

        TrustManagerFactory factory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        factory.init(keyStore);

        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("PKIX");//PKIX or SunX509
        keyManagerFactory.init(keyStore, password.toCharArray());

        TrustManager[] trustmanagers = factory.getTrustManagers();
        if (trustmanagers.length == 0) {
            throw new NoSuchAlgorithmException("no trust manager found");
        }

        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(keyManagerFactory.getKeyManagers(), factory.getTrustManagers(), new SecureRandom());
        sslFactory = ctx.getSocketFactory();
    } catch(Exception e) {
        System.out.println("Exception while trying to get the SSLSocketFactory");
        System.out.println(e.getMessage());
    }
    return sslFactory;
}

以下是我创建连接并执行POST请求的代码

public LoggedUserData login(String keyStoreFileName, String password) throws Exception {
    LoggedUserData loggedUserData = new LoggedUserData();
    HttpsURLConnection connection = openConnection(LOGIN_URL);
    connection.addRequestProperty(USERNAME_AND_PASSWORD, getHeader(USERNAME, PASSWORD));
    connection.setRequestMethod("POST");
    connection.setDoOutput(true);

    if(keyStoreFileName != null) {
        SSLSocketFactory sslSocket = Util.getSSLSocketFactory(keyStoreFileName, password);
        if(sslSocket != null) {
            connection.setSSLSocketFactory(sslSocket);
        }
    }

    OutputStream outputStream = connection.getOutputStream();
    DataOutputStream wr = new DataOutputStream(outputStream);
    wr.flush();
    wr.close();
    //other code below
    return loggedUserData;
}

以下是我的standalone.xml文件

<connector name="https" protocol="HTTP/1.1" scheme="https"
        socket-binding="https" enable-lookups="false" secure="true">
    <ssl key-alias="as7alias" password="mypassword" 
            verify-client="true" 
            certificate-key-file="D:/servers/jboss-as-7.1.1.Final/standalone/configuration/server.keystore" 
            cipher-suite="ALL" protocol="TLS"/>
</connector>

调用connection.getOutputStream();

时抛出异常

我尝试使用&#34; PKIX&#34;来改变KeyManagerFactory的创建方式。或&#34; SunX509&#34;或者只是在SSLContext init方法上将null设置为参数,但没有任何效果。

我必须通过java代码调用该服务。

当我尝试从浏览器(firefox)执行请求时,我在接受证书后收到此错误:

  

连接到localhost期间发生错误:8443。 SSL对等方无法验证您的证书。 (错误代码:ssl_error_bad_cert_alert)

所以一切都应该没问题。我的代码显然犯了一个错误,但我真的无法找到答案。

PS:非常奇怪的是,我试图用Junit测试4种方法,偶尔进行一次随机测试&#34;工作&#34;。我得到以下异常:

javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)
at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1959)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1077)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1091)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250)
at com.tutorial.resteasy.jboss.web.client.webservice.LibrarianService.performConnectioToServer(LibrarianService.java:231)
at com.tutorial.resteasy.jboss.web.client.webservice.LibrarianService.logout(LibrarianService.java:92)
at com.tutorial.resteasy.jboss.web.client.webservice.tester.TestLibrarianService.performTestsInOrder(TestLibrarianService.java:41)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:45)
at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:42)
at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:263)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:68)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:47)
at org.junit.runners.ParentRunner$3.run(ParentRunner.java:231)
at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:60)
at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:229)
at org.junit.runners.ParentRunner.access$000(ParentRunner.java:50)
at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:222)
at org.junit.runners.ParentRunner.run(ParentRunner.java:300)
at org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:50)
at org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:459)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:675)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:382)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:192)
Received fatal alert: bad_certificate

收到致命警报:bad_certificate

这让我相信它有某种配置问题(超时或其他)

0 个答案:

没有答案
相关问题
最新问题